Login Sign Up

CVE-2023-45484

9.8 CRITICAL

📋 TL;DR

This vulnerability is a stack overflow in Tenda AC10 routers via the shareSpeed parameter in the fromSetWifiGuestBasic function. It allows remote attackers to execute arbitrary code or cause denial of service. Affects users of Tenda AC10 routers with the vulnerable firmware version.

💻 Affected Systems

Products:
  • Tenda AC10
Versions: US_AC10V4.0si_V16.03.10.13_cn
Operating Systems: Embedded Linux firmware
Default Config Vulnerable: ⚠️ Yes
Notes: Only confirmed for this specific firmware version. Other versions may be affected but not verified.

📦 What is this software?

Ac10 Firmware by Tenda

View all CVEs affecting Ac10 Firmware →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Remote code execution leading to full router compromise, credential theft, network pivoting, and persistent backdoor installation.

🟠

Likely Case

Router crash causing denial of service, requiring physical reset and temporary network disruption.

🟢

If Mitigated

Limited impact if network segmentation isolates routers and external access is restricted.

🌐 Internet-Facing: HIGH - Routers are typically internet-facing devices with web interfaces accessible from WAN.
🏢 Internal Only: MEDIUM - Internal attackers could exploit via LAN if web interface is enabled.

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploit details and proof-of-concept code are publicly available in GitHub repositories. Authentication is required to access the vulnerable endpoint.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: Not available

Restart Required: Yes

Instructions:

1. Check Tenda website for firmware updates. 2. Download latest firmware for AC10. 3. Log into router admin interface. 4. Navigate to firmware upgrade section. 5. Upload and apply new firmware. 6. Reboot router.

🔧 Temporary Workarounds

Disable Guest WiFi

all

Disable the guest WiFi functionality to remove the vulnerable endpoint.

Restrict Admin Access

all

Change router admin interface to only allow access from specific IP addresses.

🧯 If You Can't Patch

  • Segment router on isolated network segment with strict firewall rules
  • Disable remote administration and WAN access to admin interface

🔍 How to Verify

Check if Vulnerable:

Check router firmware version in admin interface under System Status or Firmware Upgrade page.

Check Version:

Login to router web interface and check firmware version in system settings.

Verify Fix Applied:

Verify firmware version has changed from US_AC10V4.0si_V16.03.10.13_cn to a newer version.

📡 Detection & Monitoring

Log Indicators:

  • Multiple failed authentication attempts followed by successful login and POST requests to /goform/setWifiGuestBasic

Network Indicators:

  • Unusual outbound connections from router, unexpected firmware modification attempts

SIEM Query:

source="router_logs" AND (uri_path="/goform/setWifiGuestBasic" OR process="fromSetWifiGuestBasic")

📊 Metadata

CVE ID: CVE-2023-45484
CVSS v3 Score: 9.8 (CRITICAL)
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CWE: CWE-787
Published: November 29, 2023
Last Updated: November 21, 2024

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2023-45484, you might also want to check these:

CVE-2022-43604 10.0

CVE-2022-43604 is a critical out-of-bounds write vulnerability in the OpENer EtherNet/IP stack that ...

Same vulnerability type (CWE-787)
CVE-2025-24201 10.0

This critical vulnerability allows malicious web content to break out of the Web Content sandbox via...

Same vulnerability type (CWE-787)
CVE-2020-14871 10.0

This is a critical buffer overflow vulnerability (CWE-787) in Oracle Solaris's Pluggable Authenticat...

Same vulnerability type (CWE-787)