CVE-2022-42060: n/a in n/a
Tenda AC1200 Router Model W15Ev2 V15.11.0.10(1576) was discovered to contain a stack overflow via the setWanPpoe function. This vulnerability allows attackers to cause a Denial of Service (DoS) via crafted overflow data.
AI Analysis
Technical Summary
CVE-2022-42060 is a high-severity vulnerability identified in the Tenda AC1200 Router Model W15Ev2 running firmware version V15.11.0.10(1576). The vulnerability arises from a stack-based buffer overflow in the setWanPpoe function. This function is responsible for configuring the WAN PPPoE (Point-to-Point Protocol over Ethernet) settings on the router. An attacker can exploit this flaw by sending specially crafted data to the vulnerable function, causing a stack overflow that leads to a Denial of Service (DoS) condition. The overflow does not impact confidentiality or integrity directly but results in service disruption by crashing or destabilizing the router. The CVSS 3.1 base score is 7.5, reflecting a high severity due to the network attack vector (AV:N), low attack complexity (AC:L), no privileges required (PR:N), and no user interaction needed (UI:N). The scope is unchanged (S:U), and the impact is solely on availability (A:H), with no confidentiality or integrity impact. The vulnerability is classified under CWE-121 (Stack-based Buffer Overflow). No public exploits are currently known in the wild, and no official patches or vendor advisories have been linked yet. However, the presence of this vulnerability in a widely deployed consumer router model poses a risk of widespread DoS attacks if exploited at scale.
Potential Impact
For European organizations, the impact of this vulnerability primarily concerns network availability and operational continuity. The Tenda AC1200 router is commonly used in small office and home office (SOHO) environments, as well as by some small businesses. Successful exploitation could disrupt internet connectivity by causing router crashes, leading to downtime and loss of productivity. While the vulnerability does not allow data theft or manipulation, the denial of service can affect remote work capabilities, VoIP communications, and access to cloud services. In sectors relying on stable internet connections, such as finance, healthcare, and critical infrastructure, even short outages can have cascading effects. Additionally, attackers could leverage this vulnerability as part of a larger attack chain or to create network disruptions during geopolitical tensions. The lack of required authentication and user interaction increases the risk of automated exploitation attempts, especially if attackers scan for vulnerable devices exposed to the internet.
Mitigation Recommendations
To mitigate this vulnerability effectively, European organizations should:
1) Identify and inventory all Tenda AC1200 W15Ev2 routers in their networks, focusing on firmware version V15.11.0.10(1576).
2) Monitor vendor channels and security advisories for official firmware updates or patches addressing CVE-2022-42060 and apply them promptly upon release.
3) If patches are unavailable, consider temporary mitigations such as disabling or restricting WAN PPPoE configuration interfaces, especially from untrusted networks or the internet.
4) Implement network segmentation to isolate vulnerable routers from critical systems and reduce attack surface exposure.
5) Employ intrusion detection/prevention systems (IDS/IPS) with signatures or anomaly detection for unusual PPPoE configuration traffic.
6) Restrict remote management access to routers using VPNs or secure management protocols and strong authentication.
7) Regularly back up router configurations and maintain incident response plans to quickly recover from DoS incidents.
8) Educate IT staff about this vulnerability and encourage proactive monitoring of router logs for signs of exploitation attempts.
Affected Countries
Germany, France, United Kingdom, Italy, Spain, Netherlands, Poland, Belgium, Sweden, Austria
Technical Details
- Data Version: 5.1
- Assigner Short Name: mitre
- Date Reserved: 2022-10-03T00:00:00.000Z
- Cisa Enriched: true
- Cvss Version: 3.1
- State: PUBLISHED
Threat ID: 682cd0fc1484d88663aecc47
Added to database: 5/20/2025, 6:59:08 PM
Last enriched: 7/6/2025, 5:57:25 PM
Last updated: 7/29/2025, 5:49:26 AM