CVE-2024-10698 – This critical vulnerability in Tenda AC6 router... (How to Fix)

Q: What is the severity of CVE-2024-10698?

CVE-2024-10698 has a CVSS score of 8.8 (HIGH). This critical vulnerability in Tenda AC6 routers allows remote attackers to execute arbitrary code via a stack-based buffer overflow in the device name setting function. Attackers can exploit this without authentication to potentially take full control of affected routers. Users with Tenda AC6 routers running firmware version 15.03.05.19 are affected.

📋 TL;DR

This critical vulnerability in Tenda AC6 routers allows remote attackers to execute arbitrary code via a stack-based buffer overflow in the device name setting function. Attackers can exploit this without authentication to potentially take full control of affected routers. Users with Tenda AC6 routers running firmware version 15.03.05.19 are affected.

💻 Affected Systems

Products:

Tenda AC6

Versions: 15.03.05.19

Operating Systems: Embedded router firmware

Default Config Vulnerable: ⚠️ Yes

Notes: The vulnerable function is accessible via the web management interface, which is typically enabled by default.

📦 What is this software?

Ac6 Firmware by Tenda

View all CVEs affecting Ac6 Firmware →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Remote code execution leading to complete router compromise, allowing attackers to intercept traffic, deploy malware, pivot to internal networks, or create persistent backdoors.

🟠

Likely Case

Router takeover enabling traffic interception, DNS hijacking, credential theft, and network reconnaissance.

🟢

If Mitigated

Limited impact if routers are behind firewalls with strict inbound filtering, though internal threats remain possible.

🌐 Internet-Facing: HIGH - The vulnerability is remotely exploitable without authentication, making internet-exposed routers immediate targets.

🏢 Internal Only: HIGH - Even internally, the vulnerability requires no authentication and can be exploited by any network user.

🎯 Exploit Status

Public PoC: ⚠️ Yes

Weaponized: LIKELY

Unauthenticated Exploit: ⚠️ Yes

Complexity: LOW

Public exploit code exists on GitHub, making exploitation straightforward for attackers with basic skills.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: https://www.tenda.com.cn/

Restart Required: Yes

Instructions:

1. Check Tenda website for firmware updates. 2. Download latest firmware for AC6 model. 3. Access router admin interface. 4. Navigate to System Tools > Firmware Upgrade. 5. Upload and install new firmware. 6. Reboot router.

🔧 Temporary Workarounds

Disable Remote Management

all

Prevent external access to router management interface

Network Segmentation

all

Isolate router management interface to trusted network segment

🧯 If You Can't Patch

Replace affected routers with patched or different models
Implement strict network access controls to limit exposure to router management interface

🔍 How to Verify

Check if Vulnerable:

Check router firmware version via admin interface at System Status > Firmware Version

Check Version:

Check via web interface or telnet/ssh if enabled: cat /proc/version

Verify Fix Applied:

Verify firmware version is newer than 15.03.05.19 after update

📡 Detection & Monitoring

Log Indicators:

Unusual POST requests to /goform/SetOnlineDevName
Multiple failed login attempts followed by exploitation attempts
Router reboot events after suspicious requests

Network Indicators:

Unusual outbound connections from router
DNS queries to suspicious domains
Traffic redirection patterns

SIEM Query:

source="router_logs" AND (uri="/goform/SetOnlineDevName" OR devName="*")

📊 Metadata

CVE ID: CVE-2024-10698

CVSS v3 Score: 8.8 (HIGH)

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE: CWE-121

Published: November 2, 2024

Last Updated: November 4, 2024

🔗 References

https://github.com/theRaz0r/iot-mycve/blob/main/tenda_ac6_stackflow_formSetDeviceName/tenda_ac6_stackflow_formSetDeviceName.md Exploit
https://vuldb.com/?ctiid.282866 Permissions Required,Third Party Advisory
https://vuldb.com/?id.282866 Permissions Required,Third Party Advisory
https://vuldb.com/?submit.434935 Third Party Advisory
https://www.tenda.com.cn/ Product

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2024-10698, you might also want to check these: