Ac6 Firmware

ac6_firmware

Vendor: Tenda • 108 CVEs

CVEs (108)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2025-55503 1Tenda 1Ac6 Firmware Aug 21, 2025 Aug 20, 2025 N/A· v4 7.3 HIGH· v3 N/A· v2 Tenda AC6 V15.03.06.23_multi has a stack overflow vulnerability via the deviceName parameter in the saveParentControlInfo function.
CVE-2025-55499 1Tenda 1Ac6 Firmware Aug 21, 2025 Aug 20, 2025 N/A· v4 6.5 MEDIUM· v3 N/A· v2 Tenda AC6 V15.03.06.23_multi was discovered to contain a buffer overflow via the ntpServer parameter in the fromSetSysTime function.
CVE-2025-55483 1Tenda 1Ac6 Firmware Aug 21, 2025 Aug 20, 2025 N/A· v4 7.5 HIGH· v3 N/A· v2 Tenda AC6 V15.03.06.23_multi is vulnerable to Buffer Overflow in the function formSetMacFilterCfg via the parameters macFilterType and deviceList.
CVE-2025-32010 1Tenda 1Ac6 Firmware Nov 3, 2025 Aug 20, 2025 N/A· v4 9.8 CRITICAL· v3 N/A· v2 A stack-based buffer overflow vulnerability exists in the Cloud API functionality of Tenda AC6 V5.0 V02.03.01.110. A specially crafted HTTP response can lead to arbitrary code execution. An attacker can send an HTTP resp...Show more A stack-based buffer overflow vulnerability exists in the Cloud API functionality of Tenda AC6 V5.0 V02.03.01.110. A specially crafted HTTP response can lead to arbitrary code execution. An attacker can send an HTTP response to trigger this vulnerability.Show less
CVE-2025-31355 1Tenda 1Ac6 Firmware Nov 3, 2025 Aug 20, 2025 N/A· v4 9.8 CRITICAL· v3 N/A· v2 A firmware update vulnerability exists in the Firmware Signature Validation functionality of Tenda AC6 V5.0 V02.03.01.110. A specially crafted malicious file can lead to arbitrary code execution. An attacker can provide...Show more A firmware update vulnerability exists in the Firmware Signature Validation functionality of Tenda AC6 V5.0 V02.03.01.110. A specially crafted malicious file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.Show less
CVE-2025-30256 1Tenda 1Ac6 Firmware Nov 3, 2025 Aug 20, 2025 N/A· v4 7.5 HIGH· v3 N/A· v2 A denial of service vulnerability exists in the HTTP Header Parsing functionality of Tenda AC6 V5.0 V02.03.01.110. A specially crafted series of HTTP requests can lead to a reboot. An attacker can send multiple network p...Show more A denial of service vulnerability exists in the HTTP Header Parsing functionality of Tenda AC6 V5.0 V02.03.01.110. A specially crafted series of HTTP requests can lead to a reboot. An attacker can send multiple network packets to trigger this vulnerability.Show less
CVE-2025-27129 1Tenda 1Ac6 Firmware Nov 3, 2025 Aug 20, 2025 N/A· v4 9.8 CRITICAL· v3 N/A· v2 An authentication bypass vulnerability exists in the HTTP authentication functionality of Tenda AC6 V5.0 V02.03.01.110. A specially crafted HTTP request can lead to arbitrary code execution. An attacker can send packets...Show more An authentication bypass vulnerability exists in the HTTP authentication functionality of Tenda AC6 V5.0 V02.03.01.110. A specially crafted HTTP request can lead to arbitrary code execution. An attacker can send packets to trigger this vulnerability.Show less
CVE-2025-24496 1Tenda 1Ac6 Firmware Nov 3, 2025 Aug 20, 2025 N/A· v4 7.5 HIGH· v3 N/A· v2 An information disclosure vulnerability exists in the /goform/getproductInfo functionality of Tenda AC6 V5.0 V02.03.01.110. Specially crafted network packets can lead to a disclosure of sensitive information. An attacker...Show more An information disclosure vulnerability exists in the /goform/getproductInfo functionality of Tenda AC6 V5.0 V02.03.01.110. Specially crafted network packets can lead to a disclosure of sensitive information. An attacker can send packets to trigger this vulnerability.Show less
CVE-2025-24322 1Tenda 1Ac6 Firmware Nov 3, 2025 Aug 20, 2025 N/A· v4 9.8 CRITICAL· v3 N/A· v2 An unsafe default authentication vulnerability exists in the Initial Setup Authentication functionality of Tenda AC6 V5.0 V02.03.01.110. A specially crafted network request can lead to arbitrary code execution. An attack...Show more An unsafe default authentication vulnerability exists in the Initial Setup Authentication functionality of Tenda AC6 V5.0 V02.03.01.110. A specially crafted network request can lead to arbitrary code execution. An attacker can browse to the device to trigger this vulnerability.Show less
CVE-2025-7914 1Tenda 1Ac6 Firmware Jul 23, 2025 Jul 21, 2025 8.7 HIGH· v4 8.8 HIGH· v3 9.0 HIGH· v2 A vulnerability has been found in Tenda AC6 15.03.06.50 and classified as critical. Affected by this vulnerability is the function setparentcontrolinfo of the component httpd. The manipulation leads to buffer overflow. T...Show more A vulnerability has been found in Tenda AC6 15.03.06.50 and classified as critical. Affected by this vulnerability is the function setparentcontrolinfo of the component httpd. The manipulation leads to buffer overflow. The attack can be launched remotely.Show less
CVE-2025-50263 1Tenda 1Ac6 Firmware Jul 7, 2025 Jul 3, 2025 N/A· v4 8.1 HIGH· v3 N/A· v2 Tenda AC6 v15.03.05.16_multi is vulnerable to Buffer Overflow in the fromSetRouteStatic function via the list parameter.
CVE-2025-50262 1Tenda 1Ac6 Firmware Jul 7, 2025 Jul 3, 2025 N/A· v4 7.5 HIGH· v3 N/A· v2 Tenda AC6 v15.03.05.16_multi is vulnerable to Buffer Overflow in the formSetQosBand function via the list parameter.
CVE-2025-50260 1Tenda 1Ac6 Firmware Jul 7, 2025 Jul 3, 2025 N/A· v4 7.5 HIGH· v3 N/A· v2 Tenda AC6 v15.03.05.16_multi is vulnerable to Buffer Overflow in the formSetFirewallCfg function via the firewallEn parameter.
CVE-2025-50258 1Tenda 1Ac6 Firmware Jul 7, 2025 Jul 3, 2025 N/A· v4 8.1 HIGH· v3 N/A· v2 Tenda AC6 v15.03.05.16_multi is vulnerable to Buffer Overflow in the SetSysTimeCfg function via the time parameter.
CVE-2025-50641 1Tenda 1Ac6 Firmware Apr 8, 2026 Jul 1, 2025 N/A· v4 6.5 MEDIUM· v3 N/A· v2 Tenda AC6 15.03.05.16_multi is vulnerable to Buffer Overflow in the addWifiMacFilter function via the parameter deviceId.
CVE-2025-50528 1Tenda 1Ac6 Firmware Jul 1, 2025 Jun 27, 2025 N/A· v4 7.3 HIGH· v3 N/A· v2 A buffer overflow vulnerability exists in the fromNatStaticSetting function of Tenda AC6 <=V15.03.05.19 via the page parameter.
CVE-2025-46035 1Tenda 1Ac6 Firmware Jun 17, 2025 Jun 12, 2025 N/A· v4 7.5 HIGH· v3 N/A· v2 Buffer Overflow vulnerability in Tenda AC6 v.15.03.05.16 allows a remote attacker to cause a denial of service via the oversized schedStartTime and schedEndTime parameters in an unauthenticated HTTP GET request to the /g...Show more Buffer Overflow vulnerability in Tenda AC6 v.15.03.05.16 allows a remote attacker to cause a denial of service via the oversized schedStartTime and schedEndTime parameters in an unauthenticated HTTP GET request to the /goform/openSchedWifi endpointShow less
CVE-2025-5855 1Tenda 1Ac6 Firmware Jun 9, 2025 Jun 9, 2025 7.4 HIGH· v4 9.8 CRITICAL· v3 9.0 HIGH· v2 A vulnerability, which was classified as critical, was found in Tenda AC6 15.03.05.16. This affects the function formSetRebootTimer of the file /goform/SetRebootTimer. The manipulation of the argument rebootTime leads to...Show more A vulnerability, which was classified as critical, was found in Tenda AC6 15.03.05.16. This affects the function formSetRebootTimer of the file /goform/SetRebootTimer. The manipulation of the argument rebootTime leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.Show less
CVE-2025-5854 1Tenda 1Ac6 Firmware Jun 9, 2025 Jun 9, 2025 7.4 HIGH· v4 8.8 HIGH· v3 9.0 HIGH· v2 A vulnerability, which was classified as critical, has been found in Tenda AC6 15.03.05.16. Affected by this issue is the function fromadvsetlanip of the file /goform/AdvSetLanip. The manipulation of the argument lanMask...Show more A vulnerability, which was classified as critical, has been found in Tenda AC6 15.03.05.16. Affected by this issue is the function fromadvsetlanip of the file /goform/AdvSetLanip. The manipulation of the argument lanMask leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.Show less
CVE-2025-5853 1Tenda 1Ac6 Firmware Jun 9, 2025 Jun 9, 2025 7.4 HIGH· v4 8.8 HIGH· v3 9.0 HIGH· v2 A vulnerability classified as critical was found in Tenda AC6 15.03.05.16. Affected by this vulnerability is the function formSetSafeWanWebMan of the file /goform/SetRemoteWebCfg. The manipulation of the argument remoteI...Show more A vulnerability classified as critical was found in Tenda AC6 15.03.05.16. Affected by this vulnerability is the function formSetSafeWanWebMan of the file /goform/SetRemoteWebCfg. The manipulation of the argument remoteIp leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.Show less

Previous 123 4 5 6 Next