CVE-2022-42086: n/a in n/a
Tenda AX1803 US_AX1803v2.0br_v1.0.0.1_2994_CN_ZGYD01_4 is vulnerable to Cross Site Request Forgery (CSRF) via function TendaAteMode.
AI Analysis
Technical Summary
CVE-2022-42086 is a security vulnerability identified in the Tenda AX1803 router model, specifically version US_AX1803v2.0br_v1.0.0.1_2994_CN_ZGYD01_4. The vulnerability is classified as a Cross-Site Request Forgery (CSRF) issue affecting the function named TendaAteMode. CSRF vulnerabilities allow an attacker to trick an authenticated user into submitting a forged HTTP request to a vulnerable web application, in this case, the router's web management interface. This can result in unauthorized actions being performed on the router without the user's consent. The CVSS v3.1 base score is 6.5, indicating a medium severity level. The vector string (AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H) shows that the attack can be performed remotely over the network without privileges and requires user interaction (e.g., clicking a malicious link). The vulnerability does not impact confidentiality or integrity but affects availability, potentially causing denial of service or disruption of router functionality. No known exploits are reported in the wild, and no patches or vendor advisories are currently available. The CWE-352 classification confirms the CSRF nature of the vulnerability. Since the vulnerability targets a specific router model and firmware version, exploitation requires the victim to be using this device and to interact with a malicious web page or link while authenticated to the router's management interface. This vulnerability could be leveraged to disrupt network connectivity or degrade router performance by triggering the TendaAteMode function maliciously.
Potential Impact
For European organizations, the impact of CVE-2022-42086 depends on the deployment of the affected Tenda AX1803 routers within their network infrastructure. If these routers are used in enterprise or small office environments, successful exploitation could lead to denial of service or network disruption, impacting business operations and availability of critical services. Since the vulnerability requires user interaction and authenticated sessions, the risk is somewhat mitigated by user awareness and network segmentation practices. However, in environments where these routers are used as primary gateways or in unmanaged segments, attackers could cause significant operational disturbances. Additionally, disruption of network availability could indirectly affect confidentiality and integrity by forcing fallback to less secure communication channels or causing operational errors. The lack of known exploits in the wild reduces immediate risk, but the medium severity score and ease of remote exploitation without privileges mean organizations should proactively address this vulnerability to prevent potential attacks.
Mitigation Recommendations
To mitigate CVE-2022-42086, European organizations should first identify any deployment of the Tenda AX1803 router model with the vulnerable firmware version. Network asset inventories and device management tools can assist in this identification. Since no official patches are currently available, organizations should consider the following specific actions: 1) Restrict access to the router's web management interface to trusted internal networks only, using firewall rules or VLAN segmentation to prevent remote access from untrusted sources. 2) Enforce strong authentication mechanisms and session timeouts on the router to reduce the window of opportunity for CSRF attacks. 3) Educate users about the risks of interacting with untrusted web content while authenticated to network devices. 4) Monitor network traffic and router logs for unusual activity that may indicate exploitation attempts targeting the TendaAteMode function. 5) If possible, upgrade to a newer firmware version or alternative router models that are not affected by this vulnerability. 6) Implement web application firewalls or proxy solutions that can detect and block CSRF attack patterns targeting network device management interfaces. These targeted mitigations go beyond generic advice by focusing on access control, user behavior, and network monitoring specific to the affected device and vulnerability.
Affected Countries
Germany, France, United Kingdom, Italy, Spain, Netherlands, Poland
CVE-2022-42086: n/a in n/a
Description
Tenda AX1803 US_AX1803v2.0br_v1.0.0.1_2994_CN_ZGYD01_4 is vulnerable to Cross Site Request Forgery (CSRF) via function TendaAteMode.
AI-Powered Analysis
Technical Analysis
CVE-2022-42086 is a security vulnerability identified in the Tenda AX1803 router model, specifically version US_AX1803v2.0br_v1.0.0.1_2994_CN_ZGYD01_4. The vulnerability is classified as a Cross-Site Request Forgery (CSRF) issue affecting the function named TendaAteMode. CSRF vulnerabilities allow an attacker to trick an authenticated user into submitting a forged HTTP request to a vulnerable web application, in this case, the router's web management interface. This can result in unauthorized actions being performed on the router without the user's consent. The CVSS v3.1 base score is 6.5, indicating a medium severity level. The vector string (AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H) shows that the attack can be performed remotely over the network without privileges and requires user interaction (e.g., clicking a malicious link). The vulnerability does not impact confidentiality or integrity but affects availability, potentially causing denial of service or disruption of router functionality. No known exploits are reported in the wild, and no patches or vendor advisories are currently available. The CWE-352 classification confirms the CSRF nature of the vulnerability. Since the vulnerability targets a specific router model and firmware version, exploitation requires the victim to be using this device and to interact with a malicious web page or link while authenticated to the router's management interface. This vulnerability could be leveraged to disrupt network connectivity or degrade router performance by triggering the TendaAteMode function maliciously.
Potential Impact
For European organizations, the impact of CVE-2022-42086 depends on the deployment of the affected Tenda AX1803 routers within their network infrastructure. If these routers are used in enterprise or small office environments, successful exploitation could lead to denial of service or network disruption, impacting business operations and availability of critical services. Since the vulnerability requires user interaction and authenticated sessions, the risk is somewhat mitigated by user awareness and network segmentation practices. However, in environments where these routers are used as primary gateways or in unmanaged segments, attackers could cause significant operational disturbances. Additionally, disruption of network availability could indirectly affect confidentiality and integrity by forcing fallback to less secure communication channels or causing operational errors. The lack of known exploits in the wild reduces immediate risk, but the medium severity score and ease of remote exploitation without privileges mean organizations should proactively address this vulnerability to prevent potential attacks.
Mitigation Recommendations
To mitigate CVE-2022-42086, European organizations should first identify any deployment of the Tenda AX1803 router model with the vulnerable firmware version. Network asset inventories and device management tools can assist in this identification. Since no official patches are currently available, organizations should consider the following specific actions: 1) Restrict access to the router's web management interface to trusted internal networks only, using firewall rules or VLAN segmentation to prevent remote access from untrusted sources. 2) Enforce strong authentication mechanisms and session timeouts on the router to reduce the window of opportunity for CSRF attacks. 3) Educate users about the risks of interacting with untrusted web content while authenticated to network devices. 4) Monitor network traffic and router logs for unusual activity that may indicate exploitation attempts targeting the TendaAteMode function. 5) If possible, upgrade to a newer firmware version or alternative router models that are not affected by this vulnerability. 6) Implement web application firewalls or proxy solutions that can detect and block CSRF attack patterns targeting network device management interfaces. These targeted mitigations go beyond generic advice by focusing on access control, user behavior, and network monitoring specific to the affected device and vulnerability.
Affected Countries
For access to advanced analysis and higher rate limits, contact root@offseq.com
Technical Details
- Data Version
- 5.1
- Assigner Short Name
- mitre
- Date Reserved
- 2022-10-03T00:00:00.000Z
- Cisa Enriched
- true
- Cvss Version
- 3.1
- State
- PUBLISHED
Threat ID: 682cd0fb1484d88663aec54b
Added to database: 5/20/2025, 6:59:07 PM
Last enriched: 7/6/2025, 9:39:47 AM
Last updated: 8/15/2025, 10:08:48 AM
Views: 12
Related Threats
CVE-2025-9091: Hard-coded Credentials in Tenda AC20
LowCVE-2025-9090: Command Injection in Tenda AC20
MediumCVE-2025-9092: CWE-400 Uncontrolled Resource Consumption in Legion of the Bouncy Castle Inc. Bouncy Castle for Java - BC-FJA 2.1.0
LowCVE-2025-9089: Stack-based Buffer Overflow in Tenda AC20
HighCVE-2025-9088: Stack-based Buffer Overflow in Tenda AC20
HighActions
Updates to AI analysis are available only with a Pro account. Contact root@offseq.com for access.
External Links
Need enhanced features?
Contact root@offseq.com for Pro access with improved analysis and higher rate limits.