Skip to main content

CVE-2022-44167: n/a in n/a

High
VulnerabilityCVE-2022-44167cvecve-2022-44167
Published: Mon Nov 21 2022 (11/21/2022, 00:00:00 UTC)
Source: CVE
Vendor/Project: n/a
Product: n/a

Description

Tenda AC15 V15.03.05.18 is avulnerable to Buffer Overflow via function formSetPPTPServer.

AI-Powered Analysis

AILast updated: 06/22/2025, 12:50:18 UTC

Technical Analysis

CVE-2022-44167 is a high-severity buffer overflow vulnerability identified in the Tenda AC15 router firmware version V15.03.05.18. The vulnerability arises specifically in the function formSetPPTPServer, which is responsible for handling configuration related to the PPTP VPN server settings. A buffer overflow occurs when the function processes input data without proper bounds checking, allowing an attacker to overwrite adjacent memory. This can lead to denial of service (DoS) conditions by crashing the device or potentially enable remote code execution if exploited with crafted input. The vulnerability is remotely exploitable over the network without requiring authentication or user interaction, as indicated by the CVSS vector (AV:N/AC:L/PR:N/UI:N). The impact is primarily on availability (A:H), with no direct confidentiality or integrity impact reported. The vulnerability is classified under CWE-787 (Out-of-bounds Write), a common and critical class of memory corruption bugs. No public exploits or patches have been reported at the time of publication (November 2022), but the ease of exploitation and lack of authentication requirements make this a significant risk for affected devices. Given that Tenda AC15 routers are consumer-grade networking devices often deployed in home and small office environments, exploitation could disrupt internet connectivity and network services, potentially impacting business operations relying on these devices for VPN or routing functions.

Potential Impact

For European organizations, the exploitation of this vulnerability could result in network outages or degraded service availability, especially for small and medium enterprises (SMEs) or home offices using Tenda AC15 routers. Disruption of VPN services could impact remote work capabilities, a critical function in the current hybrid work environment prevalent across Europe. Although the vulnerability does not directly compromise confidentiality or integrity, the loss of availability could lead to operational downtime, loss of productivity, and potential secondary impacts such as delayed communications or interrupted access to cloud services. Additionally, if attackers develop advanced exploits, there is a risk of device takeover, which could be leveraged for lateral movement within networks or as part of larger botnet campaigns. The lack of patches and public exploits currently limits immediate widespread impact, but the vulnerability remains a significant threat vector for organizations relying on these devices without proper network segmentation or monitoring.

Mitigation Recommendations

Organizations should first identify any deployment of Tenda AC15 routers, particularly those running firmware version V15.03.05.18. Since no official patches are currently available, immediate mitigation should focus on network-level protections: restrict remote access to router management interfaces, especially from untrusted networks; disable PPTP VPN server functionality if not required; implement strict firewall rules to limit exposure of the router's management and VPN ports; and monitor network traffic for anomalous activity targeting the router. Additionally, organizations should consider replacing vulnerable devices with models from vendors that provide timely security updates and have a robust patch management process. Employing network segmentation to isolate vulnerable devices can reduce the risk of exploitation spreading to critical infrastructure. Regularly reviewing vendor advisories and subscribing to threat intelligence feeds will help detect when patches or exploits become available. Finally, educating users about the risks of using outdated router firmware and encouraging timely updates is essential for long-term security.

Need more detailed analysis?Get Pro

Technical Details

Data Version
5.1
Assigner Short Name
mitre
Date Reserved
2022-10-30T00:00:00.000Z
Cisa Enriched
true
Cvss Version
3.1
State
PUBLISHED

Threat ID: 682d983cc4522896dcbeea3e

Added to database: 5/21/2025, 9:09:16 AM

Last enriched: 6/22/2025, 12:50:18 PM

Last updated: 8/9/2025, 12:59:48 AM

Views: 10

Actions

PRO

Updates to AI analysis are available only with a Pro account. Contact root@offseq.com for access.

Please log in to the Console to use AI analysis features.

Need enhanced features?

Contact root@offseq.com for Pro access with improved analysis and higher rate limits.

Latest Threats