A critical stack-based buffer overflow in Tenda CH22 firmware version 1.0.0.1 exposes the device to remote code execution and unauthorized access.

The vulnerability exists in the /goform/addUserName file, specifically within the formaddUserName function. By manipulating the 'Password' argument in a specially crafted request, an unauthenticated attacker can trigger a stack-based buffer overflow.

The CVSS score of 8.8 indicates a high severity risk. Successful exploitation could result in a total compromise of the router, impacting service availability and allowing attackers to perform man-in-the-middle attacks or use the device as a gateway for further lateral movement within the network.

Immediate Action: Consult the vendor for security patches and update the Tenda CH22 firmware to the latest available version.

Proactive Monitoring: Review security logs for abnormal activity related to user management or authentication requests on the router.

Compensating Controls: Restrict access to the router’s web administration interface to authorized administrative IP addresses only.

Public Exploit Available: true

The severity of this vulnerability, combined with the availability of exploit code, necessitates an immediate response. Organizations should prioritize patching this device and reviewing its network exposure to mitigate the risk of external exploitation.