CVE-2022-46539

Vulnerability

A buffer overflow vulnerability exists in the Tenda F1203 router, specifically in firmware version V2.0.1.6, within the httpd module when handling the /goform/WifiBasicSet request. The flaw is triggered by the security_5g parameter, which is processed without sufficient bounds checking, allowing a large payload to overflow the buffer. The affected version is Tenda F1203 V2.0.1.6 [1].

Exploitation

An attacker can exploit this vulnerability by sending a crafted HTTP POST request to the /goform/WifiBasicSet endpoint on the Tenda F1203 router. The attack does not require authentication, as demonstrated by a proof-of-concept that includes a session cookie but can be performed without a valid session. The attacker sets the security_5g parameter to a long string of over 4000 characters, which overflows the buffer. The exploit is performed over the local network, targeting the router's management interface [1].

Impact

Successful exploitation results in a denial of service (DoS) condition, crashing the httpd process and disrupting the router's web management interface. The referenced proof-of-concept confirms the crash. No code execution is reported in the available references; the impact is limited to a temporary loss of management functionality [1].

Mitigation

Tenda has not released a firmware update to address this vulnerability as of the publication date. Users should consider restricting access to the router's management interface to trusted local network segments only. There is no indication that this CVE is listed in CISA's Known Exploited Vulnerabilities (KEV) catalog. Monitoring vendor advisories for a future patch is recommended [1].