CVE-2022-45643 is a high-severity buffer overflow vulnerability identified in the firmware of the Tenda AC6 V1.0 router, specifically version 15.03.05.19. The flaw exists in the addWifiMacFilter function, where the deviceId parameter is not properly validated, allowing an attacker to overflow the buffer. This vulnerability is classified under CWE-120, which pertains to classic buffer overflow issues. Exploitation of this vulnerability requires no privileges (PR:N), no user interaction (UI:N), and can be performed remotely over the network (AV:N). The impact is primarily on availability (A:H), meaning an attacker can cause denial of service or potentially crash the device. There is no indication of confidentiality or integrity compromise. The vulnerability affects the router's firmware, which is embedded software controlling network traffic and device management. Although no known exploits are currently reported in the wild, the ease of remote exploitation and lack of required authentication make this a significant risk. The absence of vendor or product details beyond the Tenda AC6 model and firmware version limits the scope of affected devices to this specific router model and firmware version. No patches or mitigation links have been provided, indicating that users may need to rely on vendor updates or workarounds once available.

For European organizations, especially small and medium enterprises or home office environments using Tenda AC6 routers, this vulnerability poses a risk of network disruption through denial of service attacks. The router is a critical network infrastructure component; its failure can lead to loss of internet connectivity, impacting business operations, remote work, and access to cloud services. While the vulnerability does not directly compromise data confidentiality or integrity, the resulting downtime can cause operational delays and potential financial losses. Additionally, compromised routers could be leveraged as part of larger botnets or lateral movement within networks if combined with other vulnerabilities. Given the remote exploitability without authentication, attackers could target vulnerable devices en masse, potentially affecting multiple organizations simultaneously. The lack of known exploits in the wild suggests the threat is currently theoretical but could escalate if exploit code becomes available.

1. Immediate mitigation should include isolating Tenda AC6 routers running firmware version 15.03.05.19 from critical network segments to limit exposure. 2. Network administrators should monitor router logs and network traffic for unusual patterns indicative of exploitation attempts, such as repeated malformed requests targeting the deviceId parameter. 3. Employ network-level protections such as firewall rules to restrict access to router management interfaces from untrusted networks, especially blocking WAN-side access. 4. Where possible, replace or upgrade affected routers to models with updated firmware that addresses this vulnerability once available. 5. If vendor patches are released, prioritize prompt firmware updates following secure update procedures to avoid introducing additional risks. 6. Implement network segmentation to limit the impact of a compromised router on the broader organizational network. 7. Educate users and IT staff about the risks associated with this vulnerability and the importance of maintaining updated network device firmware.