CVE-2024-46435
Published: 10 February 2025
Summary
CVE-2024-46435 is a high-severity Stack-based Buffer Overflow (CWE-121) vulnerability in Tenda W18E Firmware. Its CVSS base score is 8.0 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked in the top 22.4% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-16 (Memory Protection).
Deeper analysis
CVE-2024-46435 is a stack overflow vulnerability affecting the web management portal of the Tenda W18E router running firmware version V16.01.0.8(1625). The issue stems from improper input validation when processing user-supplied data in the delFacebookPic function, which can lead to a buffer overflow condition. This flaw, classified under CWE-121, has a CVSS v3.1 base score of 8.0 (AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H), indicating high severity due to its potential for significant impact on confidentiality, integrity, and availability.
An authenticated remote attacker with low privileges, operating from an adjacent network (AV:A), can exploit this vulnerability with low complexity and no user interaction required. Successful exploitation allows the attacker to trigger a denial of service by crashing the device or, potentially, execute arbitrary code, granting high-level control over the affected router.
Mitigation details and further analysis are provided in the advisory published by Redda Solutions at https://reddassolutions.com/blog/tenda_w18e_security_research. Security practitioners should consult this reference for any recommended patches or workarounds specific to the Tenda W18E.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2025-5045
Vulnerability details
A stack overflow vulnerability in the Tenda W18E V16.01.0.8(1625) web management portal allows an authenticated remote attacker to cause a denial of service or potentially execute arbitrary code. This vulnerability occurs due to improper input validation when handling user-supplied data…
more
in the delFacebookPic function.
- CWE(s)
Related Threats
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
Stack buffer overflow in router web management portal directly enables remote exploitation of a public-facing application for code execution or DoS.
CVEs Like This One
Affected Assets
Mitigating Controls
Mitigating Controls (NIST 800-53 r5) AI
Directly addresses the improper input validation in the delFacebookPic function that causes the stack overflow.
Provides memory protections such as stack canaries, ASLR, and DEP to mitigate stack overflow exploits leading to DoS or code execution.
Ensures timely remediation of the specific stack overflow flaw through firmware patching or updates for the Tenda W18E.