Skip to main content

CVE-2022-40853: n/a in n/a

Critical
VulnerabilityCVE-2022-40853cvecve-2022-40853
Published: Fri Sep 23 2022 (09/23/2022, 13:59:58 UTC)
Source: CVE
Vendor/Project: n/a
Product: n/a

Description

Tenda AC15 router V15.03.05.19 contains a stack overflow via the list parameter at /goform/fast_setting_wifi_set

AI-Powered Analysis

AILast updated: 07/08/2025, 05:13:29 UTC

Technical Analysis

CVE-2022-40853 is a critical stack overflow vulnerability identified in the Tenda AC15 router firmware version V15.03.05.19. The vulnerability arises from improper handling of the 'list' parameter in the /goform/fast_setting_wifi_set endpoint. Specifically, the router's web interface does not adequately validate or sanitize input passed to this parameter, allowing an attacker to craft a malicious request that triggers a stack-based buffer overflow (CWE-787). This type of vulnerability can lead to arbitrary code execution, enabling an attacker to gain control over the affected device without requiring authentication or user interaction. The CVSS v3.1 base score of 9.8 reflects the high severity, with network attack vector (AV:N), low attack complexity (AC:L), no privileges required (PR:N), and no user interaction needed (UI:N). The impact includes full compromise of confidentiality, integrity, and availability of the router, potentially allowing attackers to manipulate network traffic, intercept sensitive data, or pivot into internal networks. Although no public exploits have been reported in the wild yet, the critical nature and ease of exploitation make this a significant threat to users of the Tenda AC15 router running the specified firmware version.

Potential Impact

For European organizations, the exploitation of CVE-2022-40853 could have severe consequences. Routers like the Tenda AC15 often serve as the primary gateway for small and medium-sized enterprises (SMEs) and home offices, environments that may lack robust network security controls. Successful exploitation could lead to full compromise of network perimeter devices, enabling attackers to intercept confidential communications, disrupt business operations, or launch further attacks within the internal network. This is particularly concerning for sectors handling sensitive personal data under GDPR regulations, as breaches could result in significant legal and financial penalties. Additionally, compromised routers could be leveraged as part of botnets or for launching distributed denial-of-service (DDoS) attacks, impacting broader network stability. The lack of authentication and user interaction requirements lowers the barrier for attackers, increasing the likelihood of exploitation if vulnerable devices remain unpatched.

Mitigation Recommendations

To mitigate this vulnerability effectively, European organizations should first identify all Tenda AC15 routers running firmware version V15.03.05.19. Since no official patch links are currently available, organizations should monitor Tenda's official channels for firmware updates addressing this issue. In the interim, network administrators should restrict access to the router's management interface by limiting it to trusted internal IP addresses and disabling remote management features if enabled. Implementing network segmentation can isolate vulnerable devices from critical infrastructure. Employing intrusion detection/prevention systems (IDS/IPS) with signatures for anomalous HTTP requests targeting /goform/fast_setting_wifi_set may help detect exploitation attempts. Additionally, organizations should consider replacing outdated or unsupported routers with devices from vendors that provide timely security updates. Regularly auditing network devices and maintaining an asset inventory will facilitate rapid response to such vulnerabilities in the future.

Need more detailed analysis?Get Pro

Technical Details

Data Version
5.1
Assigner Short Name
mitre
Date Reserved
2022-09-19T00:00:00.000Z
Cisa Enriched
true
Cvss Version
3.1
State
PUBLISHED

Threat ID: 682f98d10acd01a24926ffc7

Added to database: 5/22/2025, 9:36:17 PM

Last enriched: 7/8/2025, 5:13:29 AM

Last updated: 8/2/2025, 6:54:29 AM

Views: 10

Actions

PRO

Updates to AI analysis are available only with a Pro account. Contact root@offseq.com for access.

Please log in to the Console to use AI analysis features.

Need enhanced features?

Contact root@offseq.com for Pro access with improved analysis and higher rate limits.

Latest Threats