Tenda AX-1803 Stack Overflow Vulnerability in WiFi Settings Function Leading to Denial-of-Service

A stack overflow vulnerability has been identified in the Tenda AX-1803 router, specifically in version 1.0.0.1. The issue arises in the 'form_fast_setting_wifi_set' function, where the 'timeZone' parameter is processed. The vulnerability allows attackers to cause a denial-of-service (DoS) condition by sending a crafted request with an excessively long 'timeZone' parameter, including a colon to facilitate parsing. This unbounded input leads to a stack overflow, causing the router to crash and disrupt service.

Impact

Exploitation of this vulnerability causes the router to crash, leading to a persistent denial-of-service condition where the device fails to provide normal services.

Reproduction

The vulnerability can be reproduced by sending a POST request to the '/goform/fast_setting_wifi_set' endpoint. The request must include a 'timeZone' parameter with a length sufficient to trigger the stack overflow, along with a 'ssid' parameter. This can be done using a script that automates the process, such as one written in Python using the 'requests' library.