Tenda F451 Stack-Based Buffer Overflow Vulnerability in Web Management Interface

A stack-based buffer overflow vulnerability has been identified in the Tenda F451 router, specifically in the web management interface of firmware versions 1.0.0.7 and 1.0.0.9. The vulnerability arises in the 'fromNatlimit' function within the '/goform/Natlimit' endpoint. An attacker can exploit this issue by sending an overly long string in the 'page' parameter, leading to a buffer overflow. This vulnerability can be exploited remotely, with potential consequences including a denial-of-service condition or remote code execution.

Impact

Exploitation of this vulnerability causes a stack-based buffer overflow, which can lead to arbitrary code execution or a denial-of-service condition.

Reproduction

The vulnerability can be reproduced by sending a POST request to the '/goform/Natlimit' endpoint with an excessively long string in the 'page' parameter. This can be done using a Python script that automates the process, as demonstrated in the proof-of-concept available on GitHub.