Ac6 Firmware Security Vulnerabilities and Issues — Ac6 Firmware CVE List

Lucene search

TendaAc6 Firmware

11 matches found

CVE•added 2025/08/20 3:15 p.m.•6 views

CVE-2025-55482

Tenda AC6 V15.03.06.23_multi is vulnerable to Buffer Overflow in the formSetCfm function.

7.5CVSS7.1AI score0.0005EPSS

CVE•added 2025/08/20 3:15 p.m.•6 views

CVE-2025-55498

Tenda AC6 V15.03.06.23_multi was discovered to contain a buffer overflow via the time parameter in the fromSetSysTime function.

7.5CVSS8.1AI score0.0005EPSS

CVE•added 2025/08/20 2:15 p.m.•5 views

CVE-2025-24322

An unsafe default authentication vulnerability exists in the Initial Setup Authentication functionality of Tenda AC6 V5.0 V02.03.01.110. A specially crafted network request can lead to arbitrary code execution. An attacker can browse to the device to trigger this vulnerability.

9.8CVSS8AI score0.00078EPSS

CVE•added 2025/08/20 2:15 p.m.•5 views

CVE-2025-32010

A stack-based buffer overflow vulnerability exists in the Cloud API functionality of Tenda AC6 V5.0 V02.03.01.110. A specially crafted HTTP response can lead to arbitrary code execution. An attacker can send an HTTP response to trigger this vulnerability.

9.8CVSS8.2AI score0.00622EPSS

CVE•added 2025/08/20 2:15 p.m.•4 views

CVE-2025-24496

An information disclosure vulnerability exists in the /goform/getproductInfo functionality of Tenda AC6 V5.0 V02.03.01.110. Specially crafted network packets can lead to a disclosure of sensitive information. An attacker can send packets to trigger this vulnerability.

7.5CVSS6.5AI score0.00042EPSS

CVE•added 2025/08/20 2:15 p.m.•4 views

CVE-2025-27129

An authentication bypass vulnerability exists in the HTTP authentication functionality of Tenda AC6 V5.0 V02.03.01.110. A specially crafted HTTP request can lead to arbitrary code execution. An attacker can send packets to trigger this vulnerability.

9.8CVSS8AI score0.0017EPSS

CVE•added 2025/08/20 2:15 p.m.•4 views

CVE-2025-30256

A denial of service vulnerability exists in the HTTP Header Parsing functionality of Tenda AC6 V5.0 V02.03.01.110. A specially crafted series of HTTP requests can lead to a reboot. An attacker can send multiple network packets to trigger this vulnerability.

8.6CVSS7AI score0.00067EPSS

CVE•added 2025/08/20 2:15 p.m.•4 views

CVE-2025-31355

A firmware update vulnerability exists in the Firmware Signature Validation functionality of Tenda AC6 V5.0 V02.03.01.110. A specially crafted malicious file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.

9.8CVSS7.8AI score0.00038EPSS

CVE•added 2025/08/20 2:15 p.m.•4 views

CVE-2025-55483

Tenda AC6 V15.03.06.23_multi is vulnerable to Buffer Overflow in the function formSetMacFilterCfg via the parameters macFilterType and deviceList.

7.5CVSS7.1AI score0.0005EPSS

CVE•added 2025/08/20 2:15 p.m.•4 views

CVE-2025-55499

Tenda AC6 V15.03.06.23_multi was discovered to contain a buffer overflow via the ntpServer parameter in the fromSetSysTime function.

6.5CVSS8.1AI score0.00038EPSS

CVE•added 2025/08/20 2:15 p.m.•4 views

CVE-2025-55503

Tenda AC6 V15.03.06.23_multi has a stack overflow vulnerability via the deviceName parameter in the saveParentControlInfo function.

7.3CVSS7.6AI score0.00046EPSS