CVE-2022-45663: n/a in n/a
Tenda i22 V1.0.0.3(4687) was discovered to contain a buffer overflow via the index parameter in the formWifiMacFilterSet function.
AI Analysis
Technical Summary
CVE-2022-45663 is a high-severity buffer overflow vulnerability identified in the Tenda i22 wireless router firmware version V1.0.0.3(4687). The vulnerability exists in the formWifiMacFilterSet function, specifically triggered via the 'index' parameter. Buffer overflow vulnerabilities such as this arise when a program writes more data to a buffer than it can hold, potentially overwriting adjacent memory. In this case, improper bounds checking on the 'index' parameter allows an attacker to overflow the buffer.

The vulnerability is remotely exploitable over the network (Attack Vector: Network), requires no privileges (PR:N), and no user interaction (UI:N), making it relatively easy to exploit. The impact is primarily on availability (A:H), meaning successful exploitation could lead to denial of service conditions such as router crashes or reboots. The CVSS v3.1 base score is 7.5, indicating a high severity level. There is no indication of impact on confidentiality or integrity, nor is there evidence of known exploits in the wild.

The vulnerability is classified under CWE-120 (Classic Buffer Overflow), a well-known category of memory corruption bugs that can sometimes be leveraged for code execution, though no such impact is explicitly stated here. No patches or vendor advisories have been linked, suggesting that mitigation may currently rely on workarounds or firmware updates if and when released. Given the critical role of routers in network infrastructure, exploitation could disrupt network availability for affected users or organizations.
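The firmware's own code is not shown on this page, so the following C example is an added illustration, not Tenda's implementation: it contrasts the unchecked copy pattern that CWE-120 describes with a handler that bounds and validates an `index` value before copying it. The buffer size, the rule limit and both function names are assumptions made for the example.

```c
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define INDEX_BUF_LEN 8        /* assumed size of the handler's fixed buffer */
#define MAX_FILTER_RULES 32    /* assumed number of MAC filter rule slots */

/* Unsafe pattern (CWE-120): the request value is copied with no length
 * check, so a value of INDEX_BUF_LEN bytes or more writes past dst. */
void store_index_unchecked(char dst[INDEX_BUF_LEN], const char *index_param)
{
    strcpy(dst, index_param);
}

/* Bounded form: reject anything that does not fit the buffer or is not a
 * plain decimal rule index before any byte is copied. Returns 0 on success. */
int store_index_checked(char dst[INDEX_BUF_LEN], const char *index_param,
                        long *index_out)
{
    if (index_param == NULL)
        return -1;
    /* Look for the terminator only within the space the buffer offers. */
    const char *nul = memchr(index_param, '\0', INDEX_BUF_LEN);
    if (nul == NULL || nul == index_param)
        return -1;                       /* too long for dst, or empty */
    if (index_param[0] < '0' || index_param[0] > '9')
        return -1;                       /* no sign or leading whitespace */

    char *end = NULL;
    errno = 0;
    long value = strtol(index_param, &end, 10);
    if (errno != 0 || *end != '\0')
        return -1;                       /* trailing junk or out of range */
    if (value >= MAX_FILTER_RULES)
        return -1;                       /* outside the rule table */

    memcpy(dst, index_param, (size_t)(nul - index_param) + 1);
    *index_out = value;
    return 0;
}

int main(void)
{
    char buf[INDEX_BUF_LEN];
    long idx = -1;
    const char *oversized = "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"; /* constructed */
    printf("valid:     %d\n", store_index_checked(buf, "7", &idx));
    printf("oversized: %d\n", store_index_checked(buf, oversized, &idx));
    return 0;
}
```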
Potential Impact
For European organizations, the primary impact of CVE-2022-45663 is the potential disruption of network availability due to router crashes or denial of service. This could affect both home office setups and small to medium enterprise environments that deploy the Tenda i22 router. Loss of router availability can interrupt business operations, degrade productivity, and potentially expose organizations to secondary risks if fallback or failover mechanisms are inadequate. While confidentiality and integrity impacts are not indicated, the disruption of network services can indirectly affect security monitoring and incident response capabilities. The lack of authentication or user interaction requirements increases the risk of automated or remote exploitation attempts. Organizations relying on Tenda i22 devices without updated firmware or mitigations may face increased exposure, especially in environments with critical uptime requirements. Additionally, given the router’s role as a network gateway, successful exploitation could be a stepping stone for further attacks if combined with other vulnerabilities or misconfigurations.
Mitigation Recommendations
1. Immediate mitigation should focus on network segmentation to isolate Tenda i22 devices from critical infrastructure and sensitive data networks, limiting the blast radius of potential exploitation.
2. Monitor network traffic for unusual patterns or repeated requests targeting the router’s management interfaces, which could indicate exploitation attempts.
3. Disable remote management interfaces on the Tenda i22 routers if enabled, reducing the attack surface.
4. Apply strict access control lists (ACLs) to restrict management access to trusted IP addresses only.
5. Regularly check for firmware updates from Tenda and apply them promptly once available to address this vulnerability.
6. If firmware updates are not available, consider replacing affected devices with models from vendors with active security support.
7. Employ intrusion detection/prevention systems (IDS/IPS) with signatures or heuristics capable of detecting buffer overflow attempts targeting router management functions.
8. Conduct internal audits to identify all Tenda i22 devices in the network to ensure comprehensive coverage of mitigation efforts.
9. Educate IT staff on this vulnerability and the importance of router security hygiene to prevent exploitation.
Affected Countries
Germany, France, Italy, Spain, United Kingdom, Netherlands, Poland
Technical Details
- Data Version: 5.1
- Assigner Short Name: mitre
- Date Reserved: 2022-11-21T00:00:00.000Z
- Cisa Enriched: true
Threat ID: 682d983fc4522896dcbf0e11
Added to database: 5/21/2025, 9:09:19 AM
Last enriched: 6/22/2025, 2:35:59 AM
Last updated: 7/6/2025, 4:50:34 AM