CVE-2024-46436

HighPublic PoC

Published: 10 February 2025

Published

10 February 2025

Modified

25 March 2025

KEV Added

—

Patch

—

CVSS Score 8.3 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L

EPSS Score 0.0096 76.6th percentile

Risk Priority 17 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2024-46436 is a high-severity Use of Hard-coded Credentials (CWE-798) vulnerability in Tenda W18E Firmware. Its CVSS base score is 8.3 (High).

Operationally, ranked in the top 23.4% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.

The strongest mitigations our analysis identified are NIST 800-53 CM-7 (Least Functionality) and SC-7 (Boundary Protection).

Threat & Defense at a Glance

What defenders deploy: see the NIST 800-53 controls recommended below.

Threat & Defense Details

Mitigating Controls (NIST 800-53 r5)AI

SI-2 Flaw Remediation good match

prevent

Requires timely remediation of flaws such as hardcoded credentials in router firmware by applying vendor patches, directly eliminating the vulnerability.

CM-7 Least Functionality good match

prevent

Limits system functionality by disabling unnecessary services like telnet, preventing remote attackers from exploiting the hardcoded credentials.

SC-7 Boundary Protection good match

prevent

Monitors and controls network boundary communications to block adjacent network (AV:A) access to the vulnerable telnet service.

NVD Description

Hardcoded credentials in Tenda W18E V16.01.0.8(1625) allows unauthenticated remote attackers to gain root access to the device over the telnet service.

Deeper analysisAI

CVE-2024-46436 is a high-severity vulnerability (CVSS 8.3, CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L) stemming from hardcoded credentials in the Tenda W18E router firmware version V16.01.0.8(1625). It affects the telnet service on this device, classified under CWE-798 (Use of Hard-coded Credentials). Attackers can exploit these static credentials to bypass authentication entirely, as they are embedded directly in the firmware without obfuscation or randomization.

The vulnerability enables unauthenticated remote attackers on an adjacent network (AV:A) to connect to the telnet service with low attack complexity and no user interaction required. Successful exploitation grants root-level access to the device's operating system, allowing full control over configurations, potential data extraction, modification of router settings, or use as a pivot point in the network. Impacts include high confidentiality and integrity compromise, with low availability disruption.

For mitigation details, refer to the security research advisory at https://reddassolutions.com/blog/tenda_w18e_security_research, which documents the flaw. Affected users should disable the telnet service if possible, update to patched firmware if available from Tenda, or isolate the device from untrusted networks pending remediation.

Details

CWE(s): CWE-798

Affected Products

tenda

w18e firmware

16.01.0.8\(1625\)

CVEs Like This One

CVE-2024-46433Same product: Tenda W18E

CVE-2024-46429Same product: Tenda W18E

CVE-2024-46434Same product: Tenda W18E

CVE-2024-46435Same product: Tenda W18E

CVE-2024-46432Same product: Tenda W18E

CVE-2024-46431Same product: Tenda W18E

CVE-2026-1610Same vendor: Tenda

CVE-2025-1898Same vendor: Tenda

CVE-2025-15007Same vendor: Tenda

CVE-2026-38835Same vendor: Tenda

References

https://reddassolutions.com/blog/tenda_w18e_security_research
Exploit, Third Party Advisory · cve@mitre.org