CVE-2022-46540
Description
Tenda F1203 V2.0.1.6 was discovered to contain a buffer overflow via the entrys parameter at /goform/addressNat.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Buffer overflow in Tenda F1203 V2.0.1.6 via entrys parameter at /goform/addressNat causes denial of service.
Vulnerability
A buffer overflow vulnerability exists in Tenda F1203 firmware version V2.0.1.6 in the httpd module when handling the /goform/addressNat request. The flaw is triggered by an overly long entrys parameter in the POST body, leading to a buffer overflow in the fromAddressNat function [1].
Exploitation
An attacker with network access to the router can send a crafted HTTP POST request to /goform/addressNat with a large entrys parameter value. No authentication is required (the proof-of-concept uses a default admin cookie). The request causes a buffer overflow, resulting in a denial of service [1].
Impact
Successful exploitation causes the httpd service to crash, rendering the router unresponsive until reboot. There is no indication of code execution or information disclosure; only denial of service is demonstrated [1].
Mitigation
As of the publication date (2022-12-20), no official patch or firmware update has been released to address this vulnerability. Users may consider upgrading to a newer router model or contacting Tenda for support. Workarounds are not available [1].
AI Insight generated on May 25, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
2- Tenda/F1203description
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1News mentions
0No linked articles in our index yet.