This is a summary of the AI-generated 10-question deep analysis. The full version (longer answers, follow-up Q&A, related CVEs) requires login. Read the full analysis β
Q1What is this vulnerability? (Essence + Consequences)
π¨ **Essence**: A Stack Buffer Overflow in Tenda WH450. π **Consequences**: Complete system compromise. The flaw lies in handling the `page` parameter in `/goform/DhcpListClient`.β¦
π‘οΈ **CWE**: CWE-121 (Stack-based Buffer Overflow). π **Flaw**: Improper validation of the `page` input parameter. The system fails to check buffer boundaries, allowing oversized data to overwrite the stack.
Q3Who is affected? (Versions/Components)
π’ **Vendor**: Tenda (China). π¦ **Product**: WH450 Wireless Access Point. π **Affected Version**: Specifically **v1.0.0.18**. Check your firmware version immediately!
Q4What can hackers do? (Privileges/Data)
π **Privileges**: High. CVSS Score indicates **Critical** impact. π **Impact**: High Confidentiality, Integrity, and Availability loss.β¦
β‘ **Threshold**: Low. π **Network**: Attack Vector is Network (AV:N). π **Auth**: Privileges Required are None (PR:N). π« **User Interaction**: None (UI:N). You don't need to be logged in to exploit this!
Q6Is there a public Exp? (PoC/Wild Exploitation)
π₯ **Exploit Status**: Yes, Public. π **Source**: GitHub PoC available (z472421519/BinaryAudit). π **Details**: Specific HTTP request examples are documented. Wild exploitation is possible given the low barrier.
Q7How to self-check? (Features/Scanning)
π **Check**: Scan for Tenda WH450 devices. π‘ **Probe**: Send malformed requests to `/goform/DhcpListClient` with a large `page` parameter.β¦
π **Patch**: Official patch status not explicitly detailed in the snippet, but the vulnerability is published. π’ **Action**: Check Tenda's official support site for firmware updates > v1.0.0.18.β¦
π§ **Workaround**: If no patch: 1. Block external access to the device's management interface. 2. Disable UPnP if enabled. 3. Isolate the device on a separate VLAN. 4. Monitor logs for abnormal DHCP requests.
Q10Is it urgent? (Priority Suggestion)
π₯ **Urgency**: CRITICAL. π¨ **Priority**: Immediate Action Required. With CVSS High impact, no auth needed, and public PoC, this is a high-risk vulnerability. Patch or isolate immediately!