CVE-2022-46535
Description
Tenda F1203 V2.0.1.6 was discovered to contain a buffer overflow via the deviceId parameter at /goform/SetClientState.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Buffer overflow in Tenda F1203 router's formSetClientState function allows denial of service via crafted deviceId parameter.
Vulnerability
A buffer overflow vulnerability exists in Tenda F1203 router firmware version V2.0.1.6 within the httpd module. The flaw is triggered when handling a POST request to the /goform/SetClientState endpoint, specifically via the deviceId parameter. The function formSetClientState does not properly validate the length of the input, leading to a stack-based buffer overflow when an excessively long string is supplied [1].
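The missing length check described above, shown as an added example (this is not Tenda's firmware code, which does not appear on this page): a form-field copy that rejects an oversized deviceId instead of writing past a stack buffer. The capacity `DEVICE_ID_MAX`, the helper `get_form_field` and the handler `set_client_state` are hypothetical names and values chosen for illustration.

```c
#include <stddef.h>
#include <string.h>

/* Assumed capacity: the real buffer size is not given on the page. */
#define DEVICE_ID_MAX 32

/* Copy the value of `name` from a urlencoded form body into out[cap].
 * Returns the value length, -1 if the field is absent,
 * -2 if the value (plus terminator) does not fit in `cap` bytes. */
int get_form_field(const char *body, const char *name, char *out, size_t cap)
{
    size_t nlen = strlen(name);
    const char *p = body;

    while (p && *p) {
        const char *end = strchr(p, '&');
        size_t seg = end ? (size_t)(end - p) : strlen(p);

        if (seg > nlen && strncmp(p, name, nlen) == 0 && p[nlen] == '=') {
            size_t vlen = seg - nlen - 1;
            if (vlen >= cap)
                return -2;   /* reject: no overflow, no silent truncation */
            memcpy(out, p + nlen + 1, vlen);
            out[vlen] = '\0';
            return (int)vlen;
        }
        p = end ? end + 1 : NULL;
    }
    return -1;
}

/* Hypothetical handler shape: the stack buffer is only ever filled
 * through the length-checked helper. Returns an HTTP status code. */
int set_client_state(const char *body)
{
    char device_id[DEVICE_ID_MAX];
    int n = get_form_field(body, "deviceId", device_id, sizeof device_id);

    if (n < 0)
        return 400;          /* missing or oversized deviceId */
    /* ... act on device_id here ... */
    return 200;
}
```

Returning an error for an over-long value, rather than truncating it, keeps the failure visible to logging and to the client.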
Exploitation
An attacker with network access to the router's web interface can exploit this vulnerability by sending a crafted POST request to /goform/SetClientState with an oversized deviceId parameter. No authentication is required, as the PoC demonstrates the attack using a simple HTTP request. The request can be sent directly to the router's IP address, causing the overflow [1].
Impact
Successful exploitation results in a denial of service (DoS) condition, likely causing the router to crash or reboot. The reference explicitly states that the provided proof-of-concept can cause a DoS. While buffer overflows can sometimes lead to remote code execution, the available information only confirms a denial-of-service impact [1].
Mitigation
As of the publication date, no patched firmware version has been released by Tenda. Users are advised to monitor the vendor's download page for updates (https://www.tenda.com.cn/download/detail-2494.html) and consider replacing the device if no fix becomes available. No workarounds are documented [1].
AI Insight generated on May 25, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products (2)
- Tenda/F1203
Patches (0)
No patches discovered yet.
References (1)
News mentions (0)
No linked articles in our index yet.