Tenda AX-1806 Vulnerability Vendor: Tenda Product: AX-1806 Version: v1.0.0.1 (Link to download) Vulnerability Type: Stack Overflow Author: Chuanhao Wan Email: chuanhaowan@hust.edu.cn Institution: Huazhong University of Science and Technology (HUST) Vulnerability Cause A stack overflow vulnerability exists in the function. The value is obtained from user-controlled input and copied into a fixed-size stack buffer ( ) using , which does not perform bounds checking. An attacker can supply an excessively long value for , causing a stack-based buffer overflow and resulting in a Denial of Service (DoS). Proof of Concept (PoC) To reproduce the vulnerability: 1. Boot the firmware using QEMU or another method. 2. Execute the following Python script for PoC attacks: Result The target router crashes and cannot provide services correctly and persistently, as shown in the provided screenshots.