CVE-2023-44023 – This vulnerability allows remote attackers to e... (How to Fix)

Q: What is the severity of CVE-2023-44023?

CVE-2023-44023 has a CVSS score of 9.8 (CRITICAL). This vulnerability allows remote attackers to execute arbitrary code on Tenda AC10U routers by exploiting a stack overflow in the WiFi configuration function. Attackers can send specially crafted requests to the router's web interface, potentially gaining full control of the device. This affects all users running the vulnerable firmware version.

📋 TL;DR

This vulnerability allows remote attackers to execute arbitrary code on Tenda AC10U routers by exploiting a stack overflow in the WiFi configuration function. Attackers can send specially crafted requests to the router's web interface, potentially gaining full control of the device. This affects all users running the vulnerable firmware version.

💻 Affected Systems

Products:

Tenda AC10U

Versions: v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01

Operating Systems: Embedded router firmware

Default Config Vulnerable: ⚠️ Yes

Notes: Affects the specific firmware version mentioned; other versions may also be vulnerable but unconfirmed.

📦 What is this software?

Ac10u Firmware by Tendacn

View all CVEs affecting Ac10u Firmware →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete compromise of the router leading to persistent backdoor installation, network traffic interception, credential theft, and lateral movement to connected devices.

🟠

Likely Case

Remote code execution allowing attackers to modify router settings, intercept traffic, or use the router as part of a botnet.

🟢

If Mitigated

Limited impact if the router is behind a firewall with restricted WAN access and strong authentication requirements.

🌐 Internet-Facing: HIGH - Routers are typically internet-facing devices, and this vulnerability can be exploited remotely without authentication.

🏢 Internal Only: MEDIUM - Could be exploited by attackers who have gained initial access to the internal network.

🎯 Exploit Status

Public PoC: ⚠️ Yes

Weaponized: LIKELY

Unauthenticated Exploit: ⚠️ Yes

Complexity: LOW

Public proof-of-concept exists in GitHub repositories. Exploitation appears straightforward based on the vulnerability description.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: Not available

Restart Required: Yes

Instructions:

1. Check Tenda's official website for firmware updates. 2. Download the latest firmware for AC10U. 3. Access router admin interface. 4. Navigate to System Tools > Firmware Upgrade. 5. Upload and install the new firmware. 6. Reboot the router.

🔧 Temporary Workarounds

Disable Remote Management

all

Prevents external attackers from accessing the vulnerable web interface

Change Default Credentials

all

Reduces risk of unauthorized access to router configuration

🧯 If You Can't Patch

Isolate the router in a separate VLAN with strict firewall rules
Implement network segmentation to limit potential lateral movement

🔍 How to Verify

Check if Vulnerable:

Check router firmware version in admin interface under System Status or System Tools

Check Version:

Login to router web interface and check System Status page

Verify Fix Applied:

Verify firmware version has been updated to a version later than V15.03.06.49

📡 Detection & Monitoring

Log Indicators:

Unusual POST requests to /goform/fast_setting_wifi_set
Multiple failed login attempts followed by configuration changes
Router reboot events after configuration changes

Network Indicators:

Unusual outbound connections from router
Traffic patterns suggesting command and control communication
Port scanning originating from router

SIEM Query:

source="router_logs" AND (uri="/goform/fast_setting_wifi_set" OR event="configuration_change")

📊 Metadata

CVE ID: CVE-2023-44023

CVSS v3 Score: 9.8 (CRITICAL)

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE: CWE-119

Published: September 27, 2023

Last Updated: November 21, 2024

🔗 References

https://github.com/aixiao0621/Tenda/blob/main/AC10U/4/0.md Third Party Advisory
https://github.com/aixiao0621/Tenda/blob/main/AC10U/4/0.md Third Party Advisory

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2023-44023, you might also want to check these: