CVE-2022-46547

Vulnerability

Tenda F1203 router firmware version V2.0.1.6 contains a buffer overflow vulnerability in the httpd module when processing requests to the /goform/VirtualSer endpoint. The overflow occurs in the fromVirtualSer function due to insufficient bounds checking on the page parameter. An attacker can send a POST request with an overly long page value, causing a stack-based buffer overflow. This affects the Tenda F1203 V2.0.1.6 firmware [1].

Exploitation

An attacker with network access to the router can exploit this vulnerability by sending a crafted HTTP POST request to /goform/VirtualSer with a page parameter containing a long string of characters (e.g., 4106 bytes of 'a'). No authentication is required, as the request can be sent without valid credentials. The provided proof-of-concept demonstrates a denial-of-service condition by crashing the httpd process [1].

Impact

Successful exploitation leads to a denial of service (DoS) as the httpd process crashes, rendering the router's web interface unavailable. The reference indicates that the overflow can cause a crash, but does not demonstrate remote code execution. The impact is limited to availability loss, though further analysis might reveal potential for code execution [1].

Mitigation

As of the publication date (2022-12-20), no official patch or firmware update has been released by Tenda to address this vulnerability. Users are advised to monitor Tenda's support page for future updates. No workaround is provided in the available references [1].