Tenda FH1202 Stack-Based Buffer Overflow Vulnerability in Web Exception Type Man Filter

A critical stack-based buffer overflow vulnerability has been identified in the Tenda FH1202 router, specifically in version 1.2.0.14(408). The issue arises in the 'fromwebExcptypemanFilter' function within the '/goform/webExcptypemanFilter' file. The vulnerability can be exploited remotely by manipulating the 'page' parameter, leading to unauthorized memory access and potential code execution.

Impact

Exploitation of this vulnerability causes a stack-based buffer overflow, which can allow for arbitrary code execution on the affected device.

Reproduction

The vulnerability can be reproduced by sending a crafted request to the '/goform/webExcptypemanFilter' endpoint, including a 'page' parameter that triggers the buffer overflow. This can be done using common web application testing tools or by manually crafting the request.