Tenda F456 Buffer Overflow Vulnerability in httpd Component
Vulnerability
A stack-based buffer overflow vulnerability has been identified in the Tenda F456 router, specifically in version 1.0.0.5. The issue arises in the httpd component, within the fromAdvSetWan function of the /goform/AdvSetWan file. The vulnerability is triggered by manipulating the wanmode and PPPOEPassword parameters, allowing for remote exploitation. This buffer overflow could lead to a denial-of-service condition or potentially allow for remote code execution.
Impact
Exploitation of this vulnerability causes a stack-based buffer overflow, which can lead to arbitrary code execution or a denial-of-service condition.
Reproduction
The vulnerability can be reproduced by sending a POST request to the /goform/AdvSetWan endpoint. The request must include the wanmode parameter set to 2, along with a crafted PPPOEPassword value that exceeds the buffer's capacity. This can be done using a web browser or a tool like curl, by specifying the appropriate headers and cookie information.
Vulnerability Rating
Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.