A security flaw has been discovered in Tenda F456 1.0.0.5. This affects the function frmL7ProtForm of the file /goform/L7Prot of the component httpd. Performing…

A critical security vulnerability has been identified in Tenda F456 router version 1.0.0.5. The flaw affects the frmL7ProtForm function in the /goform/L7Prot file of the httpd component. Attackers can exploit this vulnerability by manipulating the 'page' argument, which leads to a buffer overflow condition. The vulnerability allows for remote exploitation, making it particularly dangerous. Public exploit code has been released and is available for potential attackers to use. This makes the vulnerability a high-priority security concern requiring immediate attention and patching.