Tenda F451 Buffer Overflow Vulnerability in L7Im Form Handling
Vulnerability
A stack-based buffer overflow vulnerability has been identified in the Tenda F451 router, specifically in the firmware version 1.0.0.7_cn_svn7958. The issue arises in the 'frmL7ImForm' function within the '/goform/L7Im' file, where user-supplied data in the 'page' parameter is processed by the 'sprintf' function without proper length validation. This oversight allows for the overflow of a stack-based buffer, potentially leading to arbitrary code execution or a denial-of-service condition. The vulnerability can be exploited remotely.
Impact
Exploitation of this vulnerability causes a stack-based buffer overflow, which can be leveraged to execute arbitrary code or create a denial-of-service condition.
Reproduction
The vulnerability can be reproduced by sending a POST request to the '/goform/L7Im' endpoint with a 'page' parameter that contains a payload designed to overflow the stack-based buffer. This can be done using a script or tool that automates the process of crafting and sending the malicious request.
Vulnerability Rating
Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.