CVE-2022-46530

Vulnerability

A buffer overflow vulnerability exists in Tenda F1203 router firmware version V2.0.1.6. The flaw is in the httpd module when processing a GET request to the /goform/GetParentControlInfo endpoint. The mac parameter is copied into a fixed-size buffer without proper length validation, allowing an attacker to overflow the buffer. This affects the Tenda F1203 V2.0.1.6 [1].

Exploitation

An attacker can exploit this vulnerability by sending a crafted HTTP POST request to the router's web interface at /goform/GetParentControlInfo with an overly long mac parameter. No authentication is required, and the request can be sent from the local network. The proof of concept demonstrates a crash (Denial of Service) by providing a long string of a characters as the mac value [1].

Impact

Successful exploitation leads to a buffer overflow, which in the provided proof of concept causes a Denial of Service (DoS) by crashing the httpd service. If further exploited, this could potentially allow arbitrary code execution with the privileges of the web server, compromising the router's integrity and availability [1].

Mitigation

As of the disclosure date, no official patch has been released by Tenda for this vulnerability. Users should monitor Tenda's support page for firmware updates. If not needed, consider disabling remote management and restricting access to the router's web interface to trusted devices only [1].