CVE-2022-45650 is a high-severity buffer overflow vulnerability identified in the Tenda AC6V1.0 router firmware version 15.03.05.19. The vulnerability arises from improper handling of the firewallEn parameter within the formSetFirewallCfg function. Specifically, this parameter is susceptible to a buffer overflow condition, classified under CWE-120, which occurs when data exceeding the allocated buffer size is written, potentially overwriting adjacent memory. The vulnerability is remotely exploitable over the network (AV:N), requires no privileges (PR:N), and no user interaction (UI:N), making it particularly dangerous. The impact vector is limited to availability (A:H), meaning exploitation can cause denial of service or device crashes, but does not directly compromise confidentiality or integrity. The vulnerability affects the router's firewall configuration interface, which is typically exposed to local networks and possibly to the internet if remote management is enabled. No patches or known exploits have been reported as of the publication date (December 2, 2022). Given the nature of the vulnerability, attackers could potentially disrupt network connectivity by crashing the device or causing it to reboot, leading to service outages. The absence of authentication requirements and user interaction lowers the barrier for exploitation, increasing the risk profile. The vulnerability was reserved on November 21, 2022, and enriched by CISA, indicating recognition by US cybersecurity authorities. However, the lack of detailed vendor or product information beyond the Tenda AC6V1.0 router limits the scope of public technical details available.

For European organizations, this vulnerability poses a significant risk to network availability, especially for small and medium enterprises or home offices relying on Tenda AC6 routers for internet connectivity. A successful exploit could result in denial of service, disrupting business operations, communications, and access to cloud or internal resources. Critical infrastructure or sectors with high dependency on continuous network uptime, such as healthcare, finance, or manufacturing, could experience operational interruptions if these devices are deployed within their network perimeters. Although confidentiality and integrity are not directly impacted, the loss of availability can indirectly affect business continuity and incident response capabilities. Additionally, if exploited in a coordinated manner, this vulnerability could be leveraged in larger denial-of-service campaigns or as part of multi-stage attacks targeting network infrastructure. The lack of authentication and user interaction requirements increases the likelihood of automated exploitation attempts, especially in environments where remote management interfaces are exposed to the internet without adequate protections.

1. Immediate network segmentation: Isolate Tenda AC6 routers from critical network segments to minimize impact in case of exploitation. 2. Disable remote management interfaces on affected devices to reduce exposure to external attackers. 3. Monitor network traffic for unusual patterns or repeated attempts to access firewall configuration endpoints, which may indicate exploitation attempts. 4. Implement strict firewall rules to restrict access to router management interfaces to trusted IP addresses only. 5. Regularly audit and inventory network devices to identify the presence of Tenda AC6 routers running vulnerable firmware versions. 6. Engage with Tenda support channels to obtain firmware updates or security advisories; if no official patch is available, consider replacing vulnerable devices with models from vendors providing timely security updates. 7. Employ network-level denial-of-service protections and intrusion detection systems tuned to detect anomalies related to buffer overflow exploitation attempts. 8. Educate network administrators about the vulnerability and encourage prompt incident reporting and response procedures in case of suspected exploitation.