CVE-2024-46431
Published: 10 February 2025
Summary
CVE-2024-46431 is a high-severity Classic Buffer Overflow (CWE-120) vulnerability in Tenda W18E Firmware. Its CVSS base score is 8.0 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked at the 10.2th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-16 (Memory Protection).
Deeper analysis
CVE-2024-46431 is a buffer overflow vulnerability (CWE-120) affecting the Tenda W18E router running firmware version V16.01.0.8(1625). The flaw resides in the delWewifiPic function within the web management portal, where specially crafted data can trigger the overflow.
An attacker with low privileges (PR:L) and adjacent network access (AV:A) can exploit this vulnerability with low complexity (AC:L) and no user interaction required (UI:N). Successful exploitation grants high-impact confidentiality, integrity, and availability consequences (C:H/I:H/A:H), potentially allowing arbitrary code execution on the device.
The primary advisory is detailed in a security research blog at https://reddassolutions.com/blog/tenda_w18e_security_research, which covers the vulnerability discovery but does not specify patch availability or mitigation steps in the provided information.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2025-5046
Vulnerability details
Tenda W18E V16.01.0.8(1625) is vulnerable to Buffer Overflow. An attacker with access to the web management portal can exploit this vulnerability by sending specially crafted data to the delWewifiPic function.
- CWE(s)
Related Threats
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
Buffer overflow in web management portal of network device enables RCE from adjacent access with low privileges, directly mapping to public-facing application exploitation and privilege escalation via memory corruption.
CVEs Like This One
Affected Assets
Mitigating Controls
Mitigating Controls (NIST 800-53 r5) AI
SI-10 requires validation of all information inputs, directly preventing buffer overflows triggered by specially crafted data sent to the delWewifiPic function.
SI-16 implements memory protection mechanisms like stack guards and address space randomization, comprehensively mitigating exploitation of the buffer overflow for arbitrary code execution.
SI-2 mandates timely flaw remediation through patching firmware vulnerabilities like CVE-2024-46431 in the Tenda W18E router.