CVE-2023-51964 is a critical stack overflow vulnerability identified in the Tenda AX1803 router firmware version 1.0.0.1. The flaw exists in the function setIptvInfo, specifically triggered by the iptv.stb.port parameter. A stack overflow occurs when the input to this parameter exceeds the buffer size allocated on the stack, allowing an attacker to overwrite adjacent memory. This can lead to arbitrary code execution, denial of service, or system crashes. The vulnerability is remotely exploitable over the network without requiring authentication or user interaction, as indicated by the CVSS vector (AV:N/AC:L/PR:N/UI:N). The CVSS score of 9.8 reflects the critical nature of this vulnerability, with high impact on confidentiality, integrity, and availability. The CWE-787 classification confirms this is a classic stack-based buffer overflow issue. No patches or fixes have been linked yet, and there are no known exploits in the wild at the time of publication. However, given the ease of exploitation and the critical impact, this vulnerability poses a significant risk to affected devices.

For European organizations, the impact of this vulnerability can be severe. The Tenda AX1803 router is commonly used in small to medium-sized enterprises and residential environments for internet connectivity and IPTV services. Exploitation could allow attackers to gain full control over the router, intercept or manipulate network traffic, disrupt internet access, or pivot into internal networks. This could lead to data breaches, espionage, service outages, and compromise of connected devices. Critical infrastructure providers, ISPs, and enterprises relying on Tenda routers for IPTV or network management could face operational disruptions and reputational damage. The lack of authentication requirement and remote exploitability increases the risk of widespread attacks, especially in environments where these routers are exposed to the internet or poorly segmented internal networks.

Organizations should immediately identify and isolate Tenda AX1803 routers running firmware version 1.0.0.1. Since no official patch is currently available, network administrators should implement compensating controls such as restricting access to router management interfaces via firewall rules, disabling IPTV services if not needed, and segmenting affected devices away from critical network segments. Monitoring network traffic for unusual activity targeting the iptv.stb.port parameter or signs of exploitation attempts is recommended. Vendors and users should prioritize firmware updates once patches are released. Additionally, deploying network intrusion detection/prevention systems (IDS/IPS) with signatures for buffer overflow attempts against Tenda routers can help detect and block exploitation attempts. Regularly auditing network devices for outdated firmware and applying security best practices for IoT and network equipment is essential.