CVE-2024-46431

HighPublic PoC

Published: 10 February 2025

Published

10 February 2025

Modified

25 March 2025

KEV Added

—

Patch

—

CVSS Score 8.0 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS Score 0.0003 9.8th percentile

Risk Priority 16 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2024-46431 is a high-severity Classic Buffer Overflow (CWE-120) vulnerability in Tenda W18E Firmware. Its CVSS base score is 8.0 (High).

Operationally, ranked at the 9.8th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-16 (Memory Protection).

Threat & Defense at a Glance

What defenders deploy: see the NIST 800-53 controls recommended below.

Threat & Defense Details

Mitigating Controls (NIST 800-53 r5)AI

SI-10 Information Input Validation good match

prevent

SI-10 requires validation of all information inputs, directly preventing buffer overflows triggered by specially crafted data sent to the delWewifiPic function.

SI-16 Memory Protection good match

prevent

SI-16 implements memory protection mechanisms like stack guards and address space randomization, comprehensively mitigating exploitation of the buffer overflow for arbitrary code execution.

SI-2 Flaw Remediation good match

prevent

SI-2 mandates timely flaw remediation through patching firmware vulnerabilities like CVE-2024-46431 in the Tenda W18E router.

NVD Description

Tenda W18E V16.01.0.8(1625) is vulnerable to Buffer Overflow. An attacker with access to the web management portal can exploit this vulnerability by sending specially crafted data to the delWewifiPic function.

Deeper analysisAI

CVE-2024-46431 is a buffer overflow vulnerability (CWE-120) affecting the Tenda W18E router running firmware version V16.01.0.8(1625). The flaw resides in the delWewifiPic function within the web management portal, where specially crafted data can trigger the overflow.

An attacker with low privileges (PR:L) and adjacent network access (AV:A) can exploit this vulnerability with low complexity (AC:L) and no user interaction required (UI:N). Successful exploitation grants high-impact confidentiality, integrity, and availability consequences (C:H/I:H/A:H), potentially allowing arbitrary code execution on the device.

The primary advisory is detailed in a security research blog at https://reddassolutions.com/blog/tenda_w18e_security_research, which covers the vulnerability discovery but does not specify patch availability or mitigation steps in the provided information.

Details

CWE(s): CWE-120

Affected Products

tenda

w18e firmware

16.01.0.8\(1625\)

CVEs Like This One

CVE-2024-46434Same product: Tenda W18E

CVE-2024-46435Same product: Tenda W18E

CVE-2024-46436Same product: Tenda W18E

CVE-2024-46433Same product: Tenda W18E

CVE-2024-46432Same product: Tenda W18E

CVE-2024-46429Same product: Tenda W18E

CVE-2025-25343Same vendor: Tenda

CVE-2025-28221Same vendor: Tenda

CVE-2026-24110Same vendor: Tenda

CVE-2025-29137Same vendor: Tenda

References

https://reddassolutions.com/blog/tenda_w18e_security_research
Exploit, Third Party Advisory · cve@mitre.org