CVE-2022-25446 in AC6info

Summary

by MITRE • 03/19/2022

Tenda AC6 v15.03.05.09_multi was discovered to contain a stack overflow via the schedstarttime parameter in the openSchedWifi function.

Be aware that VulDB is the high quality source for vulnerability data.

Analysis

by VulDB Data Team • 03/23/2022

The vulnerability identified as CVE-2022-25446 represents a critical stack overflow flaw within the Tenda AC6 router firmware version 15.03.05.09_multi. This issue manifests through the schedstarttime parameter within the openSchedWifi function, creating a pathway for remote code execution and system compromise. The vulnerability stems from inadequate input validation and memory management practices within the router's web interface handling mechanism.

This stack overflow vulnerability falls under the CWE-121 category of Stack-based Buffer Overflow, where the schedstarttime parameter fails to properly validate input length and content before processing. The flaw occurs when the router's firmware processes user-supplied data through the web management interface, specifically when setting scheduled wifi operations. Attackers can exploit this by crafting malicious input that exceeds the allocated stack buffer space, causing a buffer overflow condition that may result in arbitrary code execution with elevated privileges.

The operational impact of this vulnerability extends beyond simple denial of service scenarios. An attacker with remote access capabilities can leverage this flaw to execute malicious code on the affected router, potentially gaining full administrative control over the device. This compromise could enable attackers to modify network configurations, intercept traffic, establish persistent backdoors, or use the device as a pivot point for attacking other systems within the local network. The vulnerability affects all devices running the specific firmware version, making it particularly dangerous for widespread deployment scenarios.

The attack vector for this vulnerability is primarily through the web interface of the router, where the schedstarttime parameter is processed. This aligns with ATT&CK technique T1059.007 for Command and Scripting Interpreter and T1021.001 for Remote Services. The vulnerability demonstrates poor input validation practices that violate secure coding principles and could be mitigated through proper bounds checking, stack canaries, and address space layout randomization. Network segmentation and monitoring for unusual traffic patterns may provide additional detection capabilities while firmware updates remain the primary remediation strategy.

Security professionals should prioritize immediate firmware updates from Tenda's official sources to address this vulnerability. Organizations should implement network monitoring to detect potential exploitation attempts and maintain inventory tracking of affected devices. The vulnerability highlights the importance of firmware security testing and regular security audits for network infrastructure devices, particularly those with web-based management interfaces. Implementation of network access controls and limiting administrative access to only necessary systems can reduce the attack surface and potential impact of such vulnerabilities.

Reservation

02/21/2022

Disclosure

03/19/2022

Moderation

accepted

CPE

ready

EPSS

0.01665

KEV

no

Activities

very low

Sources

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!