
CVE-2022-45644: n/a in n/a

High
Published: Fri Dec 02 2022 (12/02/2022, 00:00:00 UTC)
Source: CVE
Vendor/Project: n/a
Product: n/a

Description

Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the deviceId parameter in the formSetClientState function.

AI-Powered Analysis

Last updated: 06/22/2025, 00:21:55 UTC

Technical Analysis

CVE-2022-45644 is a high-severity buffer overflow in the Tenda AC6V1.0 router firmware version 15.03.05.19. The flaw is in the formSetClientState function and is triggered through the deviceId parameter. A buffer overflow occurs when a program writes more data to a buffer than it can hold, potentially overwriting adjacent memory. Here, an unauthenticated remote attacker can send a specially crafted request to the affected device over the network and use the deviceId parameter to overflow the buffer. This can cause a denial of service (DoS) by crashing the device, and could potentially enable remote code execution (RCE) if the attacker can control the overwritten memory.

The CVSS 3.1 base score is 7.5, reflecting a network attack vector (AV:N), low attack complexity (AC:L), no privileges required (PR:N), and no user interaction (UI:N). The scored impact is limited to availability (A:H), with no confidentiality or integrity impact reported. The vulnerability is categorized under CWE-120 (Classic Buffer Overflow). No patches or known exploits in the wild had been reported as of the publication date (December 2, 2022).

The affected product is the Tenda AC6 router, a consumer-grade wireless access device commonly used in home and small office environments. Because the vulnerability can be exploited remotely without authentication, it is a significant risk for devices exposed to the internet or untrusted networks. The lack of reported exploitation and the absence of a scored confidentiality or integrity impact somewhat limit the immediate risk of data theft or manipulation, but the potential for service disruption or device compromise remains a serious concern.

Potential Impact

For European organizations, the primary impact of CVE-2022-45644 is the potential disruption of network connectivity and availability due to router crashes or forced reboots. This can affect both home users and small businesses relying on Tenda AC6 routers for internet access. In environments where these routers are used as primary gateways, exploitation could lead to network downtime, impacting productivity and communications. Although the vulnerability does not directly compromise confidentiality or integrity, denial of service on network infrastructure can indirectly affect business operations, especially for remote workers or small branch offices. Additionally, if the vulnerability were to be chained with other exploits, it could lead to more severe compromises. European organizations with limited IT support or those that deploy consumer-grade networking equipment without rigorous security management are particularly at risk. The lack of authentication requirement and ease of exploitation increase the threat level, especially for devices exposed to the public internet or poorly segmented internal networks.

Mitigation Recommendations

1. Immediate mitigation should focus on isolating affected Tenda AC6 routers from untrusted networks, especially the internet, to reduce exposure.
2. Network administrators should implement strict firewall rules to block unsolicited inbound traffic targeting router management interfaces or known vulnerable endpoints.
3. Monitor network traffic for unusual requests containing malformed deviceId parameters or signs of attempted exploitation.
4. Replace or upgrade affected devices with newer firmware versions once available from Tenda, or consider alternative hardware with better security track records.
5. For organizations using these routers in critical environments, deploy network segmentation to limit the impact of potential device compromise or denial of service.
6. Educate users and IT staff about the risks of using consumer-grade routers in business-critical roles and encourage regular security assessments of network infrastructure.
7. If firmware updates are not available, consider disabling remote management features or restricting access to trusted IP addresses only.
8. Maintain up-to-date inventory of network devices to quickly identify and remediate vulnerable hardware.
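
One way to implement the monitoring in recommendation 3, as an added example that is not part of the original advisory or any vendor tooling: a check that pulls every deviceId value out of a request's query string or form body and flags oversized or non-printable values. The length limit, the allowed character set, the /EXAMPLE-ENDPOINT path and the sample requests are assumptions constructed for illustration; the page does not state the real buffer size or request path.

```python
import re
from urllib.parse import parse_qsl, urlsplit

# Assumption: the real buffer size is not on the page; tune this to your devices.
MAX_DEVICEID_LEN = 64
# Assumption: legitimate values are short printable identifiers (hex, colons, dashes).
SAFE_VALUE = re.compile(r"[0-9A-Za-z:._-]*")

def device_ids(target, body=""):
    """Yield each decoded deviceId value from the query string and form body."""
    for source in (urlsplit(target).query, body):
        for name, value in parse_qsl(source, keep_blank_values=True):
            if name == "deviceId":
                yield value

def inspect_request(target, body=""):
    """Return a list of findings for one HTTP request (empty list = nothing odd)."""
    findings = []
    for value in device_ids(target, body):
        if len(value) > MAX_DEVICEID_LEN:
            findings.append(f"oversized deviceId ({len(value)} chars)")
        if not SAFE_VALUE.fullmatch(value):
            findings.append("deviceId contains unexpected characters")
    return findings

# Constructed sample records: (source address, request target, form body).
SAMPLE_REQUESTS = [
    ("192.0.2.10", "/EXAMPLE-ENDPOINT", "deviceId=aa:bb:cc:dd:ee:ff&other=1"),
    ("198.51.100.7", "/EXAMPLE-ENDPOINT", "deviceId=" + "A" * 512),
    ("198.51.100.7", "/EXAMPLE-ENDPOINT?deviceId=%00%ff%41", ""),
    ("192.0.2.10", "/index.html", ""),
]

def scan(requests):
    """Return (source, findings) for every request that produced a finding."""
    alerts = []
    for src, target, body in requests:
        findings = inspect_request(target, body)
        if findings:
            alerts.append((src, findings))
    return alerts

if __name__ == "__main__":
    for src, findings in scan(SAMPLE_REQUESTS):
        print(src, "; ".join(findings))
```

The same checks can be fed from a reverse proxy or IDS log in front of the router's management interface, with the threshold adjusted to the longest deviceId seen in legitimate traffic.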


Technical Details

Data Version: 5.1
Assigner Short Name: mitre
Date Reserved: 2022-11-21T00:00:00.000Z
Cisa Enriched: true

Threat ID: 682d9840c4522896dcbf1468

Added to database: 5/21/2025, 9:09:20 AM

Last enriched: 6/22/2025, 12:21:55 AM

Last updated: 7/26/2025, 6:05:32 AM
