CVERadar

CVE-2024-46437

Medium Severity

Tenda

SVRS

38/100

CVSSv3

6.5/10

EPSS

0.00268/1

CVE-2024-46437 is a sensitive information disclosure vulnerability affecting Tenda W18E routers. This flaw allows unauthenticated remote attackers to access sensitive data, including WiFi credentials and administrator credentials. An attacker can exploit this vulnerability by sending a crafted HTTP POST request to the getQuickCfgWifiAndLogin function, bypassing normal authentication procedures.

The vulnerability allows attackers to obtain the WiFi SSID, WiFi password, and base64-encoded administrator credentials. While the CVSS score is 6.5, the SOCRadar Vulnerability Risk Score (SVRS) is 38, indicating a lower, but still present, risk. Successful exploitation grants unauthorized access to the router's configuration, potentially leading to further malicious activities like network hijacking or data theft. This is significant because it compromises the security of the network and the devices connected to it. Despite the lower SVRS, administrators should still apply appropriate security measures to mitigate the risk.

Description

CVE-2024-46437 is a sensitive information disclosure vulnerability affecting the Tenda W18E V16.01.0.8(1625) web management portal. This vulnerability allows an unauthenticated remote attacker to retrieve sensitive configuration information, including WiFi SSID, WiFi password, and base64-encoded administrator credentials, by sending a specially crafted HTTP POST request to the getQuickCfgWifiAndLogin function, bypassing authentication checks. The CVSS score for this vulnerability is 6.5, indicating a medium severity. However, the SOCRadar Vulnerability Risk Score (SVRS) is 38, which indicates a lower severity than the CVSS score, but still a cause for concern.

Key Insights

Impact: Successful exploitation of this vulnerability could compromise the confidentiality of sensitive information, potentially allowing attackers to gain unauthorized access to the network and its resources.
Exploitability: The vulnerability is exploitable remotely without any authentication, making it accessible to a wide range of attackers.
Affected Product: This vulnerability specifically impacts the Tenda W18E V16.01.0.8(1625) web management portal.
Attack Vector: The attack vector is through a crafted HTTP POST request targeting the getQuickCfgWifiAndLogin function.

Mitigation Strategies

Upgrade Firmware: Update the firmware on the Tenda W18E to the latest version. This will likely contain a patch that addresses the vulnerability.
Change Credentials: If the firmware upgrade is not possible or the vulnerability still persists, change the administrator credentials and any other sensitive configurations.
Network Segmentation: Implement network segmentation to isolate the Tenda W18E from other critical network resources. This will limit the impact of the vulnerability even if it is exploited.
Regular Security Audits: Conduct regular security audits to identify and patch vulnerabilities like this one.

Additional Information

While there is no evidence of active exploitation of CVE-2024-46437 in the wild, the vulnerability remains a potential risk. There have been no reported exploits, no known threat actors targeting this vulnerability, and no warnings from CISA. However, it is important to note that the information disclosure vulnerability could lead to further attacks if attackers gain access to sensitive credentials. If users have additional queries regarding this incident, they can use the 'Ask to Analyst' feature, contact SOCRadar directly, or open a support ticket for more information if necessary.

Indicators of Compromise

No IOCs found for this CVE

Exploits

No exploits found for this CVE

Enhance Your CVE Management with SOCRadar Vulnerability Intelligence

Get comprehensive CVE details, real-time notifications, and proactive threat management all in one platform.

CREATE FREE ACCOUNT

CVE Details

Access comprehensive CVE information instantly

Real-time Tracking

Subscribe to CVEs and get instant updates

Exploit Analysis

Monitor related APT groups and threats

IOC Tracking

Analyze and track CVE-related IOCs

News

CVE-2024-46437 | Tenda W18E 16.01.0.8(1625) Web Management Portal getQuickCfgWifiAndLogin information disclosure

vuldb.com2025-02-10

CVE-2024-46437 | Tenda W18E 16.01.0.8(1625) Web Management Portal getQuickCfgWifiAndLogin information disclosure | A vulnerability, which was classified as problematic, was found in Tenda W18E 16.01.0.8(1625). This affects the function getQuickCfgWifiAndLogin of the component Web Management Portal. The manipulation leads to information disclosure. This vulnerability is uniquely identified as CVE-2024-46437. It is possible to initiate

vuldb.com

rss

forum

news

Social Media

CVE

@CVEnew

2025-02-10

CVE-2024-46437 A sensitive information disclosure vulnerability in the Tenda W18E V16.01.0.8(1625) web management portal allows an unauthenticated remote attacker to retrieve sensit… https://t.co/nsiCDuY0bp

Affected Software

Configuration 1

Type	Vendor	Product
OS	Tenda	w18e_firmware

References

Reference	Link
[email protected]	https://reddassolutions.com/blog/tenda_w18e_security_research
GITHUB	https://reddassolutions.com/blog/tenda_w18e_security_research
[email protected]	https://reddassolutions.com/blog/tenda_w18e_security_research

CWE Details

CWE ID	CWE Name	Description
CWE-200	Exposure of Sensitive Information to an Unauthorized Actor	The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

CVE Radar

Real-time CVE Intelligence & Vulnerability Management Platform

CVE Radar provides comprehensive vulnerability intelligence by monitoring CVE databases, security advisories, and threat feeds. Get instant updates on new vulnerabilities, exploit details, and mitigation strategies specific to your assets.

Get Free Vulnerability Intelligence AccessAccess real-time CVE monitoring, exploit analysis, and threat intelligence