CVE-2024-44549: n/a
Tenda AX1806 v1.0.0.1 contains a stack overflow via the iptv.stb.port parameter in the function formGetIptv.
AI Analysis
Technical Summary
CVE-2024-44549 is a stack overflow vulnerability identified in the Tenda AX1806 router firmware version 1.0.0.1. The vulnerability resides in the function formGetIptv, specifically through improper handling of the iptv.stb.port parameter. When this parameter is manipulated, it can cause a stack-based buffer overflow (CWE-121), which may allow an attacker to overwrite the stack memory. This can lead to arbitrary code execution or denial of service conditions on the affected device. The vulnerability requires the attacker to have local network access and low privileges (PR:L), with no user interaction needed (UI:N). The attack vector is local (AV:L), meaning remote exploitation over the internet is unlikely without prior network access. The CVSS v3.1 base score is 6.6, reflecting medium severity due to the potential impact on integrity (high) and availability (low), with limited confidentiality impact. No patches or known exploits are currently available, but the vulnerability is publicly disclosed and should be addressed promptly. The affected product, Tenda AX1806, is a consumer-grade Wi-Fi 6 router commonly used in residential and small office environments. The vulnerability could be exploited by malicious insiders or attackers who gain access to the local network, potentially compromising network security and device stability.
Potential Impact
The primary impact of CVE-2024-44549 is the potential for an attacker with local network access to execute arbitrary code or cause a denial of service on Tenda AX1806 routers. This could lead to compromised network infrastructure, allowing attackers to intercept, modify, or disrupt network traffic. For organizations, this may result in degraded network performance, loss of availability, and potential lateral movement within the network if exploited. The integrity of the router’s firmware and configuration could be compromised, enabling persistent backdoors or further exploitation. Although the attack requires local access and low privileges, environments with weak network segmentation or guest network controls are at higher risk. The absence of known exploits reduces immediate threat but does not eliminate the risk of future exploitation. The vulnerability could affect home users, small businesses, and any organization relying on Tenda AX1806 devices, potentially impacting confidentiality, integrity, and availability of network communications.
Mitigation Recommendations
1. Restrict local network access to the router’s management interfaces by implementing strong network segmentation and access controls.
2. Disable IPTV features or services on the Tenda AX1806 router if they are not required, reducing the attack surface related to the iptv.stb.port parameter.
3. Monitor network traffic for unusual activity that may indicate exploitation attempts targeting the IPTV functionality.
4. Apply firmware updates or patches from Tenda as soon as they become available to address this vulnerability.
5. Employ network intrusion detection systems (NIDS) to detect anomalous packets or malformed requests targeting the IPTV service.
6. Educate users and administrators about the risks of local network threats and enforce strong authentication mechanisms for device management.
7. Consider replacing affected devices with models from vendors with a stronger security track record if timely patches are not provided.
8. Regularly audit and review router configurations to ensure no unnecessary services are enabled and that security best practices are followed.
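The check behind recommendations 3 and 5, as an added example (not code from Tenda or from this advisory): it inspects the query string and form body of captured management-interface requests and flags any iptv.stb.port value that is not a plausible port number. The request paths and sample requests are constructed placeholders, and treating a legitimate value as a decimal port of at most five digits is an assumption inferred from the parameter name.

```python
import re
from urllib.parse import parse_qsl, urlsplit

PARAM = "iptv.stb.port"   # parameter name taken from the advisory
MAX_PORT_DIGITS = 5       # assumption: "65535" is the longest legitimate value


def check_port_value(value):
    """Return None for a plausible port value, otherwise a reason string."""
    if value == "":
        return None  # an unset field is no overflow risk
    if len(value) > MAX_PORT_DIGITS:
        return f"oversized value ({len(value)} chars)"
    if not re.fullmatch(r"[0-9]+", value):
        return "non-numeric value"
    if not 1 <= int(value) <= 65535:
        return "port out of range"
    return None


def inspect_request(target, body=""):
    """Check every occurrence of PARAM in the query string and the form body."""
    findings = []
    for source, raw in (("query", urlsplit(target).query), ("body", body)):
        # parse_qsl percent-decodes values and keeps repeated parameters,
        # so an encoded or duplicated field cannot slip past the check.
        for name, value in parse_qsl(raw, keep_blank_values=True):
            if name == PARAM:
                reason = check_port_value(value)
                if reason:
                    findings.append((source, reason))
    return findings


# Constructed sample requests: (request target, form body).
SAMPLE_REQUESTS = [
    ("/PLACEHOLDER?iptv.stb.port=8080", ""),
    ("/PLACEHOLDER", "iptv.stb.enable=1&iptv.stb.port=" + "A" * 600),
    ("/PLACEHOLDER", "iptv.stb.port=%38%30%38%30x"),
    ("/PLACEHOLDER?iptv.stb.port=70000", "iptv.stb.port=554"),
]


def scan(requests):
    """Return (request index, finding) pairs for every flagged request."""
    return [(i, f) for i, (t, b) in enumerate(requests)
            for f in inspect_request(t, b)]


if __name__ == "__main__":
    for index, finding in scan(SAMPLE_REQUESTS):
        print(index, finding)
```

The same rule (value longer than five characters or not purely numeric) can be carried into a NIDS or reverse-proxy filter placed in front of the management interface.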
Affected Countries
China, India, Russia, Brazil, Indonesia, Vietnam, Thailand, Malaysia, Ukraine, Poland
Technical Details
- Data Version: 5.1
- Assigner Short Name: mitre
- Date Reserved: 2024-08-21T00:00:00.000Z
- Cvss Version: 3.1
- State: PUBLISHED
Threat ID: 699f6cdeb7ef31ef0b569b38
Added to database: 2/25/2026, 9:42:54 PM
Last enriched: 2/28/2026, 6:39:17 AM
Last updated: 4/12/2026, 6:12:27 PM