CVE-2022-45647 is a high-severity buffer overflow vulnerability identified in the Tenda AC6V1.0 router firmware version 15.03.05.19. The vulnerability arises from improper handling of the 'limitSpeed' parameter within the formSetClientState function. Specifically, the buffer overflow occurs when this parameter is processed without adequate bounds checking, leading to potential memory corruption. This type of vulnerability is classified under CWE-120, which pertains to classic buffer overflow errors that can result in arbitrary code execution or denial of service. The vulnerability is remotely exploitable over the network (AV:N), requires no privileges (PR:N), and no user interaction (UI:N), making it particularly dangerous. The CVSS v3.1 base score is 7.5, indicating a high severity level. The impact vector indicates that while confidentiality and integrity are not directly affected (C:N, I:N), the availability of the device can be compromised (A:H), potentially causing the router to crash or reboot. No known exploits are currently reported in the wild, and no official patches have been linked yet. The vulnerability affects a specific firmware version of the Tenda AC6 router, a consumer-grade networking device commonly used in home and small office environments. Attackers could exploit this flaw to disrupt network connectivity or potentially leverage it as a foothold for further attacks within the local network environment.

For European organizations, especially small and medium enterprises (SMEs) and residential users relying on Tenda AC6 routers, this vulnerability poses a significant risk to network availability. Disruption of router functionality can lead to loss of internet connectivity, impacting business operations, remote work capabilities, and access to cloud services. Although the vulnerability does not directly compromise confidentiality or integrity, denial of service on critical network infrastructure can indirectly affect operational continuity and productivity. In environments where these routers are deployed as part of critical communication infrastructure, such as small branch offices or remote sites, exploitation could result in extended downtime. Additionally, compromised routers could be used as pivot points for lateral movement or as part of botnets, increasing the threat landscape for European networks. The lack of required authentication and user interaction lowers the barrier for exploitation, potentially enabling widespread automated attacks if exploit code becomes available.

1. Immediate network segmentation: Isolate Tenda AC6 routers from critical network segments to limit potential impact. 2. Monitor network traffic for unusual activity targeting router management interfaces, especially HTTP requests containing the 'limitSpeed' parameter. 3. Disable remote management features on affected devices to reduce exposure. 4. Replace or upgrade firmware: Although no official patch is currently linked, users should regularly check Tenda's official channels for firmware updates addressing this vulnerability. 5. Where possible, replace vulnerable Tenda AC6 routers with devices from vendors with robust security update practices. 6. Implement network-level protections such as intrusion detection/prevention systems (IDS/IPS) configured to detect buffer overflow attempts or anomalous traffic patterns targeting router management endpoints. 7. Educate users and administrators about the risks of using outdated firmware and the importance of timely updates. 8. For organizations with asset management, identify all Tenda AC6 devices to prioritize mitigation efforts.