Tenda F456 Buffer Overflow Vulnerability in DHCP Management Function
Vulnerability
A stack-based buffer overflow vulnerability has been identified in the Tenda F456 router, specifically in version 1.0.0.5. The issue arises in the HTTP component, within the 'fromGstDhcpSetSer' function of the '/goform/GstDhcpSetSer' file. The vulnerability is triggered by manipulating the 'dips' parameter, which is not properly validated before being copied to a buffer, allowing for remote exploitation. This flaw could lead to a denial-of-service condition or potentially allow for remote code execution.
Impact
Exploitation of this vulnerability causes a buffer overflow, which can disrupt normal operation and potentially allow an attacker to execute arbitrary code on the device.
Reproduction
The vulnerability can be reproduced by sending a POST request to '/goform/GstDhcpSetSer' with a 'dips' parameter that contains a payload designed to overflow the buffer. This can be done using a web browser or a tool like curl, by including the necessary headers and cookies to mimic a legitimate request.
Vulnerability Rating
Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.