CVE-2022-45646 is a high-severity buffer overflow vulnerability identified in the Tenda AC6V1.0 router firmware version 15.03.05.19. The flaw exists in the formSetClientState function, specifically triggered by the limitSpeedUp parameter. Buffer overflow vulnerabilities occur when a program writes more data to a buffer than it can hold, potentially overwriting adjacent memory. In this case, the vulnerability can be exploited remotely over the network without requiring any privileges or user interaction, as indicated by the CVSS vector (AV:N/AC:L/PR:N/UI:N). The vulnerability impacts availability (A:H) but does not affect confidentiality or integrity directly. Exploiting this flaw could cause the device to crash or reboot, resulting in denial of service (DoS). Although no known exploits are currently reported in the wild, the ease of exploitation and network accessibility make it a significant risk. The vulnerability is categorized under CWE-120, which refers to classic buffer overflow issues that can lead to memory corruption. No patches or vendor advisories are currently linked, which may delay remediation efforts. Given the nature of the device—a consumer-grade router—this vulnerability could be leveraged to disrupt network connectivity for affected users or potentially serve as a foothold for further attacks if combined with other vulnerabilities or misconfigurations.

For European organizations, the impact of this vulnerability primarily concerns network availability and operational continuity. Tenda AC6 routers are commonly used in small office/home office (SOHO) environments and some small enterprises due to their affordability and ease of deployment. A successful exploitation could cause routers to crash or reboot, leading to temporary loss of internet connectivity and disruption of business operations reliant on these devices. While the vulnerability does not directly compromise data confidentiality or integrity, the resulting denial of service could affect remote work capabilities, VoIP communications, and access to cloud services. In critical infrastructure or sensitive environments where network uptime is essential, such disruptions could have cascading effects. Additionally, if attackers use this vulnerability as part of a multi-stage attack, it could facilitate lateral movement or network reconnaissance. The lack of authentication requirement and user interaction increases the risk, especially in environments where these routers are exposed to the internet or untrusted networks.

Immediately identify and inventory all Tenda AC6 routers, specifically version 15.03.05.19, within the organization's network environment. Restrict remote management access to these routers by disabling WAN-side administration or limiting access via firewall rules to trusted IP addresses only. Implement network segmentation to isolate vulnerable devices from critical infrastructure and sensitive data systems. Monitor network traffic for unusual patterns or repeated requests targeting the limitSpeedUp parameter or the formSetClientState function, which could indicate exploitation attempts. If possible, replace affected Tenda AC6 routers with models from vendors with active security support and timely patch releases. Engage with Tenda support channels to request firmware updates or patches addressing this vulnerability; if none are available, consider deploying compensating controls such as intrusion prevention systems (IPS) with custom signatures. Educate IT staff on this specific vulnerability to ensure rapid response to any signs of exploitation or device instability. Regularly back up router configurations and maintain an incident response plan that includes network device failures due to exploitation.