CVE-2022-45647: n/a in n/a
Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the limitSpeed parameter in the formSetClientState function.
AI Analysis
Technical Summary
CVE-2022-45647 is a high-severity buffer overflow vulnerability identified in the Tenda AC6V1.0 router firmware version 15.03.05.19. The vulnerability arises from improper handling of the 'limitSpeed' parameter within the formSetClientState function. Specifically, the buffer overflow occurs when this parameter is processed without adequate bounds checking, leading to potential memory corruption. This type of vulnerability is classified under CWE-120, which pertains to classic buffer overflow errors that can result in arbitrary code execution or denial of service. The vulnerability is remotely exploitable over the network (AV:N), requires no privileges (PR:N), and no user interaction (UI:N), making it particularly dangerous. The CVSS v3.1 base score is 7.5, indicating a high severity level. The impact vector indicates that while confidentiality and integrity are not directly affected (C:N, I:N), the availability of the device can be compromised (A:H), potentially causing the router to crash or reboot. No known exploits are currently reported in the wild, and no official patches have been linked yet. The vulnerability affects a specific firmware version of the Tenda AC6 router, a consumer-grade networking device commonly used in home and small office environments. Attackers could exploit this flaw to disrupt network connectivity or potentially leverage it as a foothold for further attacks within the local network environment.
Potential Impact
For European organizations, especially small and medium enterprises (SMEs) and residential users relying on Tenda AC6 routers, this vulnerability poses a significant risk to network availability. Disruption of router functionality can lead to loss of internet connectivity, impacting business operations, remote work capabilities, and access to cloud services. Although the vulnerability does not directly compromise confidentiality or integrity, denial of service on critical network infrastructure can indirectly affect operational continuity and productivity. In environments where these routers are deployed as part of critical communication infrastructure, such as small branch offices or remote sites, exploitation could result in extended downtime. Additionally, compromised routers could be used as pivot points for lateral movement or as part of botnets, increasing the threat landscape for European networks. The lack of required authentication and user interaction lowers the barrier for exploitation, potentially enabling widespread automated attacks if exploit code becomes available.
Mitigation Recommendations
1. Immediate network segmentation: Isolate Tenda AC6 routers from critical network segments to limit potential impact. 2. Monitor network traffic for unusual activity targeting router management interfaces, especially HTTP requests containing the 'limitSpeed' parameter. 3. Disable remote management features on affected devices to reduce exposure. 4. Replace or upgrade firmware: Although no official patch is currently linked, users should regularly check Tenda's official channels for firmware updates addressing this vulnerability. 5. Where possible, replace vulnerable Tenda AC6 routers with devices from vendors with robust security update practices. 6. Implement network-level protections such as intrusion detection/prevention systems (IDS/IPS) configured to detect buffer overflow attempts or anomalous traffic patterns targeting router management endpoints. 7. Educate users and administrators about the risks of using outdated firmware and the importance of timely updates. 8. For organizations with asset management, identify all Tenda AC6 devices to prioritize mitigation efforts.
Affected Countries
Germany, France, United Kingdom, Italy, Spain, Netherlands, Poland, Belgium
CVE-2022-45647: n/a in n/a
Description
Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the limitSpeed parameter in the formSetClientState function.
AI-Powered Analysis
Technical Analysis
CVE-2022-45647 is a high-severity buffer overflow vulnerability identified in the Tenda AC6V1.0 router firmware version 15.03.05.19. The vulnerability arises from improper handling of the 'limitSpeed' parameter within the formSetClientState function. Specifically, the buffer overflow occurs when this parameter is processed without adequate bounds checking, leading to potential memory corruption. This type of vulnerability is classified under CWE-120, which pertains to classic buffer overflow errors that can result in arbitrary code execution or denial of service. The vulnerability is remotely exploitable over the network (AV:N), requires no privileges (PR:N), and no user interaction (UI:N), making it particularly dangerous. The CVSS v3.1 base score is 7.5, indicating a high severity level. The impact vector indicates that while confidentiality and integrity are not directly affected (C:N, I:N), the availability of the device can be compromised (A:H), potentially causing the router to crash or reboot. No known exploits are currently reported in the wild, and no official patches have been linked yet. The vulnerability affects a specific firmware version of the Tenda AC6 router, a consumer-grade networking device commonly used in home and small office environments. Attackers could exploit this flaw to disrupt network connectivity or potentially leverage it as a foothold for further attacks within the local network environment.
Potential Impact
For European organizations, especially small and medium enterprises (SMEs) and residential users relying on Tenda AC6 routers, this vulnerability poses a significant risk to network availability. Disruption of router functionality can lead to loss of internet connectivity, impacting business operations, remote work capabilities, and access to cloud services. Although the vulnerability does not directly compromise confidentiality or integrity, denial of service on critical network infrastructure can indirectly affect operational continuity and productivity. In environments where these routers are deployed as part of critical communication infrastructure, such as small branch offices or remote sites, exploitation could result in extended downtime. Additionally, compromised routers could be used as pivot points for lateral movement or as part of botnets, increasing the threat landscape for European networks. The lack of required authentication and user interaction lowers the barrier for exploitation, potentially enabling widespread automated attacks if exploit code becomes available.
Mitigation Recommendations
1. Immediate network segmentation: Isolate Tenda AC6 routers from critical network segments to limit potential impact. 2. Monitor network traffic for unusual activity targeting router management interfaces, especially HTTP requests containing the 'limitSpeed' parameter. 3. Disable remote management features on affected devices to reduce exposure. 4. Replace or upgrade firmware: Although no official patch is currently linked, users should regularly check Tenda's official channels for firmware updates addressing this vulnerability. 5. Where possible, replace vulnerable Tenda AC6 routers with devices from vendors with robust security update practices. 6. Implement network-level protections such as intrusion detection/prevention systems (IDS/IPS) configured to detect buffer overflow attempts or anomalous traffic patterns targeting router management endpoints. 7. Educate users and administrators about the risks of using outdated firmware and the importance of timely updates. 8. For organizations with asset management, identify all Tenda AC6 devices to prioritize mitigation efforts.
Affected Countries
For access to advanced analysis and higher rate limits, contact root@offseq.com
Technical Details
- Data Version
- 5.1
- Assigner Short Name
- mitre
- Date Reserved
- 2022-11-21T00:00:00.000Z
- Cisa Enriched
- true
Threat ID: 682d9840c4522896dcbf149f
Added to database: 5/21/2025, 9:09:20 AM
Last enriched: 6/22/2025, 12:12:46 AM
Last updated: 8/15/2025, 10:35:09 AM
Views: 11
Related Threats
CVE-2025-3495: CWE-338 Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) in Delta Electronics COMMGR
CriticalCVE-2025-53948: CWE-415 Double Free in Santesoft Sante PACS Server
HighCVE-2025-52584: CWE-122 Heap-based Buffer Overflow in Ashlar-Vellum Cobalt
HighCVE-2025-46269: CWE-122 Heap-based Buffer Overflow in Ashlar-Vellum Cobalt
HighCVE-2025-54862: CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') in Santesoft Sante PACS Server
MediumActions
Updates to AI analysis are available only with a Pro account. Contact root@offseq.com for access.
External Links
Need enhanced features?
Contact root@offseq.com for Pro access with improved analysis and higher rate limits.