CVE-2022-44175: n/a in n/a

Critical
Published: Mon Nov 21 2022 (11/21/2022, 00:00:00 UTC)
Source: CVE
Vendor/Project: n/a
Product: n/a

Description

Tenda AC18 V15.03.05.19 is vulnerable to Buffer Overflow via function formSetMacFilterCfg.

AI-Powered Analysis

Last updated: 06/22/2025, 10:07:34 UTC

Technical Analysis

CVE-2022-44175 is a critical buffer overflow vulnerability identified in the Tenda AC18 router firmware version V15.03.05.19. The vulnerability arises from the function formSetMacFilterCfg, which is responsible for configuring MAC address filtering on the device. A buffer overflow occurs when the function improperly handles input data, allowing an attacker to overwrite memory beyond the intended buffer boundaries. This type of vulnerability is classified under CWE-120 (Classic Buffer Overflow). The CVSS 3.1 base score of 9.8 reflects the severity of this flaw: it is remotely exploitable over the network (AV:N), requires no privileges (PR:N), and needs no user interaction (UI:N). The impact on confidentiality, integrity, and availability is high (C:H/I:H/A:H), meaning an attacker can potentially execute arbitrary code, take full control of the device, intercept or manipulate network traffic, and disrupt network services. Although no known exploits are currently reported in the wild, the ease of exploitation and critical impact make this vulnerability a significant threat. The CVE record gives no vendor or product details beyond the Tenda AC18 router model, which limits what can be said about the scope of affected versions, but the specific firmware version is clearly identified. No official patches or mitigation links have been published as of the date of this analysis, increasing the urgency for affected users to take protective measures.

Potential Impact

For European organizations, the exploitation of CVE-2022-44175 could have severe consequences. The Tenda AC18 router is commonly used in small to medium-sized enterprises and residential environments due to its cost-effectiveness and feature set. Successful exploitation could lead to full compromise of the router, allowing attackers to intercept sensitive communications, redirect traffic, or establish persistent footholds within corporate or home networks. This could facilitate further lateral movement, data exfiltration, or deployment of ransomware and other malware. The disruption of network availability could impact business operations, especially for organizations relying on these routers for internet connectivity or VPN access. Given the criticality and network-level exploitability, the vulnerability poses a substantial risk to confidentiality, integrity, and availability of network infrastructure within European organizations, potentially affecting sectors such as finance, healthcare, and critical infrastructure where secure communications are paramount.

Mitigation Recommendations

1. Immediate network segmentation: Isolate Tenda AC18 routers from critical network segments to limit potential lateral movement if compromised.
2. Disable or restrict remote management interfaces, especially those exposed to the internet, to reduce attack surface.
3. Implement strict firewall rules to limit inbound traffic to the router's management ports.
4. Monitor network traffic for unusual patterns indicative of exploitation attempts, such as unexpected MAC filter configuration requests.
5. Regularly audit router firmware versions and configurations to identify devices running the vulnerable firmware.
6. Engage with Tenda support channels to obtain any available patches or firmware updates addressing this vulnerability. If no official patch is available, consider replacing affected devices with models from vendors with active security support.
7. Employ network intrusion detection/prevention systems (IDS/IPS) with signatures or heuristics capable of detecting buffer overflow attempts targeting router management functions.
8. Educate IT staff on the risks associated with unmanaged or outdated network devices and enforce strict asset management policies.

Technical Details

Data Version: 5.1
Assigner Short Name: mitre
Date Reserved: 2022-10-30T00:00:00.000Z
CISA Enriched: true
CVSS Version: 3.1
State: PUBLISHED

Threat ID: 682d983cc4522896dcbeef2b

Added to database: 5/21/2025, 9:09:16 AM

Last enriched: 6/22/2025, 10:07:34 AM

Last updated: 8/11/2025, 8:34:05 PM
