Tenda CH22 Buffer Overflow Vulnerability in the DelFileName Function

A buffer overflow vulnerability has been identified in the Tenda CH22 router, specifically in version 1.0.0.1. The issue arises in the 'formdelFileName' function within the '/goform/delFileName' file. This vulnerability can be exploited remotely, allowing attackers to cause a denial of service by overwhelming the router's processing capabilities, effectively crashing the device and making it inaccessible.

Impact

Exploitation of this vulnerability leads to a stack-based buffer overflow, causing the router to crash and become unresponsive.

Reproduction

The vulnerability can be reproduced by sending a POST request to the '/goform/delFileName' endpoint with a 'fileNameMit' parameter. The value of this parameter should be a string of bytes that exceeds the buffer's capacity, such as 1025 bytes of 'a' characters. This can be done using a Python script that utilizes the 'requests' library to automate the process.