CVE-2022-46541
Description
Tenda F1203 V2.0.1.6 was discovered to contain a buffer overflow via the ssid parameter at /goform/fast_setting_wifi_set.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
A buffer overflow in Tenda F1203 V2.0.1.6 via the ssid parameter in the fast_setting_wifi_set function allows denial of service.
Vulnerability
A buffer overflow vulnerability exists in the /goform/fast_setting_wifi_set handler of Tenda F1203 firmware version V2.0.1.6. The ssid parameter is copied into a fixed-length buffer without proper bounds checking, allowing an attacker to overflow it. The vulnerable code path is reachable via an HTTP POST request to the endpoint [1].
Exploitation
An attacker with network access to the router can exploit this vulnerability by sending a crafted POST request to /goform/fast_setting_wifi_set with an excessively long ssid value. The proof-of-concept demonstrates that sending over 2000 bytes of 'a' characters causes a denial of service. No prior authentication is required based on the available reference [1].
Impact
Successful exploitation results in a denial of service, as the overflow corrupts memory and crashes the httpd process. While the vulnerability is a buffer overflow, the reference only confirms denial of service; arbitrary code execution has not been demonstrated [1].
Mitigation
As of the publication date, no firmware update or patch has been released by Tenda to address this vulnerability. Users are advised to restrict network access to the router's management interface and monitor for future updates [1].
AI Insight generated on May 25, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
2- Tenda/F1203description
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1News mentions
0No linked articles in our index yet.