Skip to main content

CVE-2022-45980: n/a in n/a

High
VulnerabilityCVE-2022-45980cvecve-2022-45980n-acwe-352
Published: Mon Dec 12 2022 (12/12/2022, 00:00:00 UTC)
Source: CVE
Vendor/Project: n/a
Product: n/a

Description

Tenda AX12 V22.03.01.21_CN was discovered to contain a Cross-Site Request Forgery (CSRF) via /goform/SysToolRestoreSet .

AI-Powered Analysis

AILast updated: 06/21/2025, 15:53:46 UTC

Technical Analysis

CVE-2022-45980 is a high-severity vulnerability identified in the firmware version V22.03.01.21_CN of the Tenda AX12 router. The vulnerability is a Cross-Site Request Forgery (CSRF) flaw located in the /goform/SysToolRestoreSet endpoint. CSRF vulnerabilities allow an attacker to trick an authenticated user into submitting a forged HTTP request, which can cause the victim's browser to perform unwanted actions on the vulnerable device without their consent. In this case, the endpoint appears to be related to system restore or reset functionality, which implies that exploitation could lead to unauthorized restoration or modification of device settings. The CVSS v3.1 base score is 8.8, indicating a high severity level, with the vector string CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H. This means the attack can be performed remotely over the network without privileges, requires low attack complexity, needs user interaction (the victim must visit a malicious page), and impacts confidentiality, integrity, and availability to a high degree. The vulnerability does not require authentication, increasing its risk profile. No patches or known exploits in the wild have been reported at the time of publication. The CWE-352 classification confirms the nature of the vulnerability as a CSRF issue. Given the nature of the device (a consumer or small office router), exploitation could allow attackers to disrupt network connectivity, alter device configurations, or potentially pivot into internal networks, leading to significant compromise.

Potential Impact

For European organizations, especially small and medium enterprises (SMEs) and home office users relying on Tenda AX12 routers, this vulnerability poses a significant risk. Successful exploitation could lead to unauthorized resetting or reconfiguration of network devices, resulting in network downtime, loss of confidentiality due to potential interception or redirection of traffic, and integrity breaches through altered device settings. This could disrupt business operations, cause data leakage, or enable further attacks within the internal network. Given the router's role as a network gateway, attackers could leverage this vulnerability to bypass security controls, install malicious firmware, or create persistent backdoors. The impact is particularly critical for organizations with limited IT security resources or those that do not regularly update router firmware. Additionally, sectors with high dependency on continuous network availability, such as finance, healthcare, and critical infrastructure, could face operational and reputational damage if targeted.

Mitigation Recommendations

1. Immediate mitigation involves restricting access to the router's management interface from untrusted networks, ideally limiting it to local LAN access only. 2. Disable remote management features if not required to reduce exposure. 3. Implement network segmentation to isolate vulnerable devices from critical systems. 4. Educate users to avoid clicking on suspicious links or visiting untrusted websites while connected to the vulnerable network to reduce the risk of CSRF exploitation. 5. Monitor network traffic for unusual activity that could indicate exploitation attempts. 6. Since no official patch is currently available, consider deploying compensating controls such as Web Application Firewalls (WAFs) or Intrusion Prevention Systems (IPS) that can detect and block CSRF attack patterns targeting the /goform/SysToolRestoreSet endpoint. 7. Regularly check for firmware updates from Tenda and apply them promptly once a patch addressing this vulnerability is released. 8. For organizations with advanced capabilities, consider replacing vulnerable devices with models from vendors with stronger security track records and timely patch management.

Need more detailed analysis?Get Pro

Technical Details

Data Version
5.1
Assigner Short Name
mitre
Date Reserved
2022-11-28T00:00:00.000Z
Cisa Enriched
true

Threat ID: 682d9848c4522896dcbf6074

Added to database: 5/21/2025, 9:09:28 AM

Last enriched: 6/21/2025, 3:53:46 PM

Last updated: 8/7/2025, 6:55:45 PM

Views: 10

Actions

PRO

Updates to AI analysis are available only with a Pro account. Contact root@offseq.com for access.

Please log in to the Console to use AI analysis features.

Need enhanced features?

Contact root@offseq.com for Pro access with improved analysis and higher rate limits.

Latest Threats