CVE-2023-45481: n/a in n/a
Tenda AC10 version US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via the firewallEn parameter in the function SetFirewallCfg.
AI Analysis
Technical Summary
CVE-2023-45481 is a critical stack overflow vulnerability identified in the Tenda AC10 router, specifically in the firmware version US_AC10V4.0si_V16.03.10.13_cn. The vulnerability arises from improper handling of the firewallEn parameter within the SetFirewallCfg function. A stack overflow occurs when more data is written to a buffer located on the stack than it can hold, potentially allowing an attacker to overwrite adjacent memory. This can lead to arbitrary code execution, denial of service, or system compromise. The vulnerability has a CVSS v3.1 base score of 9.8, indicating a critical severity level. It requires no authentication (PR:N) and no user interaction (UI:N), and can be exploited remotely over the network (AV:N). The impact affects confidentiality, integrity, and availability (C:H/I:H/A:H). The scope is unchanged (S:U), meaning the vulnerability affects the vulnerable component only. Although no known exploits are currently reported in the wild, the ease of exploitation combined with the critical severity makes this a significant threat. The vulnerability is categorized under CWE-121, which relates to stack-based buffer overflows. No official patches or vendor advisories are currently linked, indicating that affected users should be vigilant and apply updates once available or implement mitigations to reduce exposure.
Potential Impact
For European organizations, this vulnerability poses a severe risk, especially for those using Tenda AC10 routers in their network infrastructure. Successful exploitation could allow attackers to gain unauthorized control over the device, leading to interception or manipulation of network traffic, disruption of internet connectivity, or pivoting to internal networks. This could result in data breaches, operational downtime, and compromise of sensitive information. Given the criticality and remote exploitability without authentication, attackers could target vulnerable routers en masse, potentially impacting small and medium enterprises, home offices, and branch networks that rely on these devices. The lack of patches increases the window of exposure. Additionally, compromised routers could be leveraged as part of botnets or for launching further attacks against European entities, amplifying the threat landscape.
Mitigation Recommendations
European organizations should immediately inventory their network devices to identify any Tenda AC10 routers running the vulnerable firmware version US_AC10V4.0si_V16.03.10.13_cn. Until an official patch is released, organizations should restrict remote access to router management interfaces by implementing network segmentation and firewall rules that limit access to trusted IP addresses only. Disabling remote management features and UPnP on these devices can reduce exposure. Monitoring network traffic for unusual patterns or signs of exploitation attempts is advised. Organizations should also subscribe to vendor advisories and CVE databases for updates on patches or workarounds. Where possible, replacing vulnerable devices with alternative models that receive timely security updates is recommended. Employing network intrusion detection systems (NIDS) with signatures for stack overflow attempts targeting Tenda routers can provide early warning. Finally, educating users about the risks and encouraging prompt firmware updates when available will help mitigate the threat.
Affected Countries
Germany, France, United Kingdom, Italy, Spain, Netherlands, Poland
CVE-2023-45481: n/a in n/a
Description
Tenda AC10 version US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via the firewallEn parameter in the function SetFirewallCfg.
AI-Powered Analysis
Technical Analysis
CVE-2023-45481 is a critical stack overflow vulnerability identified in the Tenda AC10 router, specifically in the firmware version US_AC10V4.0si_V16.03.10.13_cn. The vulnerability arises from improper handling of the firewallEn parameter within the SetFirewallCfg function. A stack overflow occurs when more data is written to a buffer located on the stack than it can hold, potentially allowing an attacker to overwrite adjacent memory. This can lead to arbitrary code execution, denial of service, or system compromise. The vulnerability has a CVSS v3.1 base score of 9.8, indicating a critical severity level. It requires no authentication (PR:N) and no user interaction (UI:N), and can be exploited remotely over the network (AV:N). The impact affects confidentiality, integrity, and availability (C:H/I:H/A:H). The scope is unchanged (S:U), meaning the vulnerability affects the vulnerable component only. Although no known exploits are currently reported in the wild, the ease of exploitation combined with the critical severity makes this a significant threat. The vulnerability is categorized under CWE-121, which relates to stack-based buffer overflows. No official patches or vendor advisories are currently linked, indicating that affected users should be vigilant and apply updates once available or implement mitigations to reduce exposure.
Potential Impact
For European organizations, this vulnerability poses a severe risk, especially for those using Tenda AC10 routers in their network infrastructure. Successful exploitation could allow attackers to gain unauthorized control over the device, leading to interception or manipulation of network traffic, disruption of internet connectivity, or pivoting to internal networks. This could result in data breaches, operational downtime, and compromise of sensitive information. Given the criticality and remote exploitability without authentication, attackers could target vulnerable routers en masse, potentially impacting small and medium enterprises, home offices, and branch networks that rely on these devices. The lack of patches increases the window of exposure. Additionally, compromised routers could be leveraged as part of botnets or for launching further attacks against European entities, amplifying the threat landscape.
Mitigation Recommendations
European organizations should immediately inventory their network devices to identify any Tenda AC10 routers running the vulnerable firmware version US_AC10V4.0si_V16.03.10.13_cn. Until an official patch is released, organizations should restrict remote access to router management interfaces by implementing network segmentation and firewall rules that limit access to trusted IP addresses only. Disabling remote management features and UPnP on these devices can reduce exposure. Monitoring network traffic for unusual patterns or signs of exploitation attempts is advised. Organizations should also subscribe to vendor advisories and CVE databases for updates on patches or workarounds. Where possible, replacing vulnerable devices with alternative models that receive timely security updates is recommended. Employing network intrusion detection systems (NIDS) with signatures for stack overflow attempts targeting Tenda routers can provide early warning. Finally, educating users about the risks and encouraging prompt firmware updates when available will help mitigate the threat.
Affected Countries
For access to advanced analysis and higher rate limits, contact root@offseq.com
Technical Details
- Data Version
- 5.1
- Assigner Short Name
- mitre
- Date Reserved
- 2023-10-09T00:00:00.000Z
- Cvss Version
- 3.1
- State
- PUBLISHED
Threat ID: 6841a29c182aa0cae2e196cb
Added to database: 6/5/2025, 1:58:52 PM
Last enriched: 7/7/2025, 10:29:11 AM
Last updated: 8/8/2025, 2:43:16 PM
Views: 13
Related Threats
CVE-2025-8885: CWE-770 Allocation of Resources Without Limits or Throttling in Legion of the Bouncy Castle Inc. Bouncy Castle for Java
MediumCVE-2025-26398: CWE-798 Use of Hard-coded Credentials in SolarWinds Database Performance Analyzer
MediumCVE-2025-41686: CWE-306 Missing Authentication for Critical Function in Phoenix Contact DaUM
HighCVE-2025-8874: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in litonice13 Master Addons – Elementor Addons with White Label, Free Widgets, Hover Effects, Conditions, & Animations
MediumCVE-2025-8767: CWE-1236 Improper Neutralization of Formula Elements in a CSV File in anwppro AnWP Football Leagues
MediumActions
Updates to AI analysis are available only with a Pro account. Contact root@offseq.com for access.
Need enhanced features?
Contact root@offseq.com for Pro access with improved analysis and higher rate limits.