CVE-2022-45497 is a critical command injection vulnerability identified in the Tenda W6-S router firmware version 1.0.0.4(510). The flaw exists in the function tpi_get_ping_output, which is accessible via the /goform/exeCommand endpoint. This vulnerability allows an unauthenticated remote attacker to execute arbitrary system commands on the affected device by injecting malicious input into the command execution function. The vulnerability is classified under CWE-78 (Improper Neutralization of Special Elements used in an OS Command), indicating that user-supplied input is not properly sanitized before being passed to the operating system shell. The CVSS v3.1 base score of 9.8 reflects the critical severity, with attack vector being network (AV:N), no privileges required (PR:N), no user interaction (UI:N), and impacts on confidentiality, integrity, and availability all rated high (C:H/I:H/A:H). Exploitation of this vulnerability could lead to full system compromise, including unauthorized access, data exfiltration, device manipulation, or denial of service. Although no public exploits have been reported in the wild at the time of publication, the ease of exploitation and the critical impact make this a significant threat to any network deploying the vulnerable Tenda W6-S routers. The lack of vendor or product-specific details beyond the device model and firmware version limits the scope of direct mitigation advice, but the technical nature of the flaw points to the need for firmware updates or configuration changes to restrict access to the vulnerable endpoint.

For European organizations using Tenda W6-S routers, this vulnerability poses a severe risk. Successful exploitation could allow attackers to gain full control over the router, enabling interception or manipulation of network traffic, deployment of malware, or pivoting into internal networks. This could compromise sensitive data confidentiality, disrupt business operations, and damage organizational reputation. Critical infrastructure operators, SMEs, and enterprises relying on these devices for network connectivity could face service outages or data breaches. Given the router's role as a network gateway, the vulnerability could be exploited to launch further attacks within corporate networks. The absence of authentication and user interaction requirements increases the likelihood of automated exploitation attempts, raising the threat level for organizations with exposed or poorly segmented network environments.

1. Immediate mitigation should focus on isolating vulnerable Tenda W6-S devices from untrusted networks, especially the internet, to reduce exposure to remote attackers. 2. Network administrators should implement strict access controls, such as firewall rules, to block external access to the /goform/exeCommand endpoint or the router's management interface. 3. Monitor network traffic for unusual command execution patterns or unexpected outbound connections originating from the router. 4. If possible, disable remote management features on the device to limit attack surface. 5. Engage with Tenda support channels to obtain firmware updates or patches addressing this vulnerability; if no official patch is available, consider replacing affected devices with models from vendors with timely security support. 6. Employ network segmentation to isolate IoT and network infrastructure devices from critical business systems. 7. Regularly audit and inventory network devices to identify vulnerable hardware and ensure timely remediation. 8. Use intrusion detection/prevention systems (IDS/IPS) tuned to detect exploitation attempts targeting command injection vulnerabilities on network devices.