CVE-2022-25550 – A stack overflow vulnerability in Tenda AX1806 ... (How to Fix)

Q: What is the severity of CVE-2022-25550?

CVE-2022-25550 has a CVSS score of 7.5 (HIGH). A stack overflow vulnerability in Tenda AX1806 routers allows attackers to cause Denial of Service by sending specially crafted deviceName parameters to the saveParentControlInfo function. This affects Tenda AX1806 v1.0.0.1 devices, potentially disrupting network connectivity for users.

📋 TL;DR

A stack overflow vulnerability in Tenda AX1806 routers allows attackers to cause Denial of Service by sending specially crafted deviceName parameters to the saveParentControlInfo function. This affects Tenda AX1806 v1.0.0.1 devices, potentially disrupting network connectivity for users.

💻 Affected Systems

Products:

Tenda AX1806

Versions: v1.0.0.1

Operating Systems: Embedded router firmware

Default Config Vulnerable: ⚠️ Yes

Notes: Affects devices with default configurations; parent control feature must be accessible.

📦 What is this software?

Ax1806 Firmware by Tenda

View all CVEs affecting Ax1806 Firmware →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete device crash requiring physical reboot, persistent network outage until manual intervention.

🟠

Likely Case

Temporary service disruption, router reboot needed to restore functionality.

🟢

If Mitigated

Limited impact with proper network segmentation and access controls preventing exploitation.

🌐 Internet-Facing: HIGH

🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes

Weaponized: LIKELY

Unauthenticated Exploit: ⚠️ Yes

Complexity: LOW

Public proof-of-concept available in GitHub repositories; exploitation requires network access to vulnerable interface.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: Not available

Restart Required: No

Instructions:

No official patch available. Check Tenda website for firmware updates addressing CVE-2022-25550.

🔧 Temporary Workarounds

Disable Parent Control Feature

all

Turn off parent control functionality to remove vulnerable code path.

Access router admin interface > Parental Controls > Disable

Restrict Network Access

linux

Block external access to router admin interface using firewall rules.

iptables -A INPUT -p tcp --dport 80 -j DROP
iptables -A INPUT -p tcp --dport 443 -j DROP

🧯 If You Can't Patch

Segment vulnerable devices on isolated network segments
Implement strict network access controls to limit exposure

🔍 How to Verify

Check if Vulnerable:

Check router firmware version in admin interface; if version is v1.0.0.1, device is vulnerable.

Check Version:

curl -s http://router-ip/status | grep version

Verify Fix Applied:

Verify firmware version has been updated beyond v1.0.0.1 or parent control feature is disabled.

📡 Detection & Monitoring

Log Indicators:

Repeated connection attempts to parent control endpoint
Router reboot events following malformed requests

Network Indicators:

Unusual HTTP POST requests to saveParentControlInfo endpoint with long deviceName parameters

SIEM Query:

source="router.log" AND "saveParentControlInfo" AND deviceName.length>100

📊 Metadata

CVE ID: CVE-2022-25550

CVSS v3 Score: 7.5 (HIGH)

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE: CWE-787

Published: March 10, 2022

Last Updated: November 21, 2024

🔗 References

https://github.com/sec-bin/IoT-CVE/tree/main/Tenda/AX1806/9 Exploit,Third Party Advisory
https://github.com/sec-bin/IoT-CVE/tree/main/Tenda/AX1806/9 Exploit,Third Party Advisory

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2022-25550, you might also want to check these: