CVE-2026-0640: High Vulnerability in Tenda AC23 Firmware

A weakness has been identified in Tenda AC23 16.03.07.52. This affects the function sscanf of the file /goform/PowerSaveSet. Executing a manipulation of the argument Time can lead to buffer overflow. The attack can be launched remotely. The exploit has been made available to the public and could be used for attacks.

The vulnerability has a CVSS score of 7.4, which classifies it as high severity. This underlines the importance of addressing this issue promptly, as the potential for exploitation is notable.

Risk to organizations includes unauthorized access and potential data breaches. Given the ease of exploitation, organizations should prioritize patching immediately.

Currently, there is no known public exploit confirmed, but the availability of an exploit raises concerns about the urgency of remediation.

Vulnerability Details

A weakness has been identified in Tenda AC23 16.03.07.52. This affects the function sscanf of the file /goform/PowerSaveSet. Executing a manipulation of the argument Time can lead to buffer overflow.

The vulnerability is classified under CWE-119 and CWE-120, indicating issues related to improper restriction of operations within the bounds of a memory buffer.

The CVSS score for this vulnerability is 7.4, indicating a high severity level. The attack vector is network-based, requiring low attack complexity and low privileges.

Technical Analysis

Root cause of the vulnerability lies in improper handling of the sscanf function within the firmware, which allows for manipulation of buffer sizes through argument tampering.

The attack can be executed remotely, posing significant risks as it does not require user interaction. Attack complexity is low, making it accessible for attackers with basic capabilities.

The impacts include high confidentiality, integrity, and availability risks, as exploitation can lead to unauthorized access and system compromise.

Risk & Impact Analysis

The real-world deployment risk associated with this vulnerability is notably high, as it affects systems that are accessible over the network. Organizations utilizing Tenda AC23 firmware should assess their exposure.

The potential blast radius of this vulnerability is significant, as it can allow attackers to gain control over affected devices, leading to wider network exploitation.

Given the CVSS score and the nature of the vulnerability, organizations should address this issue in their priority patch cycle.

Exploitation Status

Affected Versions

The affected version is Tenda AC23 firmware version 16.03.07.52. All versions prior to vendor patch are considered vulnerable.

Mitigation & Remediation

Organizations should apply available patches for Tenda AC23 firmware immediately. If a patch is unavailable, consider implementing network controls to restrict access to the affected devices.

For further guidance on security testing, organizations may refer to penetration testing services to validate their security posture.

Detection Guidance

Monitoring logs for unusual access patterns or unexpected changes to device settings may indicate exploitation attempts. It is crucial to maintain up-to-date security measures.

AppSecure Threat Intelligence Insight

The long-term significance of this vulnerability is concerning, as it can serve as a vector for broader attacks. Security teams should consider this in their threat modeling.

To mitigate such risks, organizations should review their security frameworks and ensure that they are prepared for similar vulnerabilities in the future.

For insights on vulnerability management, security teams should explore resources on vulnerability management programs to enhance their defense strategies.

Additionally, organizations should stay informed about emerging threats via penetration testing methodologies to adapt to the changing threat landscape.