CVE-2022-45499 is a high-severity vulnerability identified in the Tenda W6-S router firmware version 1.0.0.4(510). The vulnerability is a stack-based buffer overflow triggered via the 'wl_radio' parameter in the HTTP endpoint /goform/WifiMacFilterGet. This endpoint is likely part of the router's web management interface, which handles Wi-Fi MAC filtering configurations. The stack overflow (CWE-787) occurs when an attacker sends a specially crafted request with an overly long or malformed 'wl_radio' parameter, causing the router's firmware to overwrite memory on the stack. This can lead to denial of service (DoS) by crashing the device or potentially enable remote code execution (RCE) if exploited with precision, although no known exploits are currently reported in the wild. The CVSS 3.1 base score of 7.5 reflects a network attack vector (AV:N) with low attack complexity (AC:L), no privileges required (PR:N), and no user interaction (UI:N). The impact is limited to availability (A:H) with no direct confidentiality or integrity impact reported. The vulnerability affects a specific firmware version of the Tenda W6-S, a consumer-grade Wi-Fi 6 router, which is used in home and small office environments. The absence of vendor or product details beyond the model and firmware version limits the scope of affected devices, but the vulnerability is critical enough to warrant immediate attention due to the potential for service disruption and possible further exploitation if combined with other vulnerabilities or misconfigurations.

For European organizations, the primary impact of CVE-2022-45499 is the potential disruption of network availability in environments where Tenda W6-S routers are deployed. This could affect small businesses, home offices, or remote workers relying on these devices for internet connectivity and network segmentation. A successful exploit could cause router crashes, leading to loss of internet access and interruption of business operations. Although no direct confidentiality or integrity compromise is indicated, denial of service on network infrastructure can indirectly affect organizational productivity and security monitoring capabilities. Additionally, if attackers develop advanced exploits leveraging this overflow for remote code execution, it could lead to unauthorized control over the router, enabling further lateral movement or persistent access within a network. Given the router's role as a network gateway, such compromise could expose internal network resources to attackers. The lack of known exploits in the wild reduces immediate risk but does not eliminate the threat, especially as threat actors often weaponize disclosed vulnerabilities over time.

1. Immediate firmware update: Organizations and users should check for and apply any firmware updates from Tenda addressing this vulnerability. If no patch is available, consider contacting the vendor for guidance or timelines. 2. Network segmentation: Isolate vulnerable routers from critical network segments to limit potential impact. 3. Access control: Restrict access to the router's management interface to trusted IP addresses or via VPN to reduce exposure to remote attacks. 4. Disable remote management: If enabled, disable remote web management interfaces to prevent external exploitation. 5. Monitor network traffic: Implement IDS/IPS rules to detect anomalous HTTP requests targeting /goform/WifiMacFilterGet or unusual 'wl_radio' parameter usage. 6. Device replacement: For high-risk environments where patching is not feasible, consider replacing affected Tenda W6-S devices with models from vendors with active security support. 7. Incident response readiness: Prepare to respond to potential denial of service incidents affecting network availability, including having backup connectivity options.