23 matches found
CVE-2025-0349
A vulnerability classified as critical has been found in Tenda AC6 15.03.05.16. Affected is the function GetParentControlInfo of the file /goform/GetParentControlInfo. The manipulation of the argument src/mac leads to stack-based buffer overflow. It is possible to launch the attack remotely. The ex...
CVE-2025-25505
Tenda AC6 15.03.05.16_multi is vulnerable to Buffer Overflow in the sub_452A4 function.
CVE-2025-25343
Tenda AC6 V15.03.05.16 firmware has a buffer overflow vulnerability in the formexeCommand function.
CVE-2025-5852
A vulnerability classified as critical has been found in Tenda AC6 15.03.05.16. Affected is the function formSetPPTPUserList of the file /goform/setPptpUserList. The manipulation of the argument list leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclo...
CVE-2025-25507
There is a RCE vulnerability in Tenda AC6 15.03.05.16_multi. In the formexeCommand function, the parameter cmdinput will cause remote command execution.
CVE-2025-1814
A vulnerability, which was classified as critical, has been found in Tenda AC6 15.03.05.16. Affected by this issue is some unknown functionality of the file /goform/WifiExtraSet. The manipulation of the argument wpapsk_crypto leads to stack-based buffer overflow. The attack may be launched remotely...
CVE-2024-46450
Incorrect access control in Tenda AC1200 Smart Dual-Band WiFi Router Model AC6 v2.0 Firmware v15.03.06.50 allows attackers to bypass authentication via a crafted web request.
CVE-2025-29121
A vulnerability was found in Tenda AC6 V15.03.05.16. The vulnerability affects the functionality of the /goform/fast_setting_wifi_set file form_fast_setting_wifi_set. Using the timeZone parameter causes a stack-based buffer overflow.
CVE-2025-29030
Tenda AC6 v15.03.05.16 was discovered to contain a buffer overflow via the formWifiWpsOOB function.
CVE-2025-29029
Tenda AC6 v15.03.05.16 was discovered to contain a buffer overflow via the formSetSpeedWan function.
CVE-2025-29031
Tenda AC6 v15.03.05.16 was discovered to contain a buffer overflow via the fromAddressNat function.
CVE-2025-5853
A vulnerability classified as critical was found in Tenda AC6 15.03.05.16. Affected by this vulnerability is the function formSetSafeWanWebMan of the file /goform/SetRemoteWebCfg. The manipulation of the argument remoteIp leads to stack-based buffer overflow. The attack can be launched remotely. Th...
CVE-2025-5854
A vulnerability, which was classified as critical, has been found in Tenda AC6 15.03.05.16. Affected by this issue is the function fromadvsetlanip of the file /goform/AdvSetLanip. The manipulation of the argument lanMask leads to buffer overflow. The attack may be launched remotely. The exploit has...
CVE-2025-5855
A vulnerability, which was classified as critical, was found in Tenda AC6 15.03.05.16. This affects the function formSetRebootTimer of the file /goform/SetRebootTimer. The manipulation of the argument rebootTime leads to stack-based buffer overflow. It is possible to initiate the attack remotely. T...
CVE-2025-44172
Tenda AC6 V15.03.05.16 was discovered to contain a stack overflow via the time parameter in the setSmartPowerManagement function.
CVE-2025-46035
Buffer Overflow vulnerability in Tenda AC6 v.15.03.05.16 allows a remote attacker to cause a denial of service via the oversized schedStartTime and schedEndTime parameters in an unauthenticated HTTP GET request to the /goform/openSchedWifi endpoint
CVE-2025-50258
Tenda AC6 v15.03.05.16_multi is vulnerable to Buffer Overflow in the SetSysTimeCfg function via the time parameter.
CVE-2025-50260
Tenda AC6 v15.03.05.16_multi is vulnerable to Buffer Overflow in the formSetFirewallCfg function via the firewallEn parameter.
CVE-2025-50262
Tenda AC6 v15.03.05.16_multi is vulnerable to Buffer Overflow in the formSetQosBand function via the list parameter.
CVE-2025-50263
Tenda AC6 v15.03.05.16_multi is vulnerable to Buffer Overflow in the fromSetRouteStatic function via the list parameter.
CVE-2025-50528
A buffer overflow vulnerability exists in the fromNatStaticSetting function of Tenda AC6
CVE-2025-50641
Tenda AC6 15.03.05.16_multi is vulnerable to Buffer Overflow in the addWifiMacFilter function via the parameter deviceId.
CVE-2025-7914
A vulnerability has been found in Tenda AC6 15.03.06.50 and classified as critical. Affected by this vulnerability is the function setparentcontrolinfo of the component httpd. The manipulation leads to buffer overflow. The attack can be launched remotely.