AC6
by Tenda
CVEs (128)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-27129 | 0.00 | — | 0.02 | Aug 20, 2025 | An authentication bypass vulnerability exists in the HTTP authentication functionality of Tenda AC6 V5.0 V02.03.01.110. A specially crafted HTTP request can lead to arbitrary code execution. An attacker can send packets to trigger this vulnerability. | |||
| CVE-2025-30256 | 0.00 | — | 0.00 | Aug 20, 2025 | A denial of service vulnerability exists in the HTTP Header Parsing functionality of Tenda AC6 V5.0 V02.03.01.110. A specially crafted series of HTTP requests can lead to a reboot. An attacker can send multiple network packets to trigger this vulnerability. | |||
| CVE-2025-32010 | 0.00 | — | 0.01 | Aug 20, 2025 | A stack-based buffer overflow vulnerability exists in the Cloud API functionality of Tenda AC6 V5.0 V02.03.01.110. A specially crafted HTTP response can lead to arbitrary code execution. An attacker can send an HTTP response to trigger this vulnerability. | |||
| CVE-2025-55498 | 0.00 | — | 0.00 | Aug 20, 2025 | Tenda AC6 V15.03.06.23_multi was discovered to contain a buffer overflow via the time parameter in the fromSetSysTime function. | |||
| CVE-2025-55483 | 0.00 | — | 0.00 | Aug 20, 2025 | Tenda AC6 V15.03.06.23_multi is vulnerable to Buffer Overflow in the function formSetMacFilterCfg via the parameters macFilterType and deviceList. | |||
| CVE-2025-55499 | 0.00 | — | 0.00 | Aug 20, 2025 | Tenda AC6 V15.03.06.23_multi was discovered to contain a buffer overflow via the ntpServer parameter in the fromSetSysTime function. | |||
| CVE-2025-55503 | 0.00 | — | 0.00 | Aug 20, 2025 | Tenda AC6 V15.03.06.23_multi has a stack overflow vulnerability via the deviceName parameter in the saveParentControlInfo function. | |||
| CVE-2025-55482 | 0.00 | — | 0.00 | Aug 20, 2025 | Tenda AC6 V15.03.06.23_multi is vulnerable to Buffer Overflow in the formSetCfm function. |
- CVE-2025-27129Aug 20, 2025risk 0.00cvss —epss 0.02
An authentication bypass vulnerability exists in the HTTP authentication functionality of Tenda AC6 V5.0 V02.03.01.110. A specially crafted HTTP request can lead to arbitrary code execution. An attacker can send packets to trigger this vulnerability.
- CVE-2025-30256Aug 20, 2025risk 0.00cvss —epss 0.00
A denial of service vulnerability exists in the HTTP Header Parsing functionality of Tenda AC6 V5.0 V02.03.01.110. A specially crafted series of HTTP requests can lead to a reboot. An attacker can send multiple network packets to trigger this vulnerability.
- CVE-2025-32010Aug 20, 2025risk 0.00cvss —epss 0.01
A stack-based buffer overflow vulnerability exists in the Cloud API functionality of Tenda AC6 V5.0 V02.03.01.110. A specially crafted HTTP response can lead to arbitrary code execution. An attacker can send an HTTP response to trigger this vulnerability.
- CVE-2025-55498Aug 20, 2025risk 0.00cvss —epss 0.00
Tenda AC6 V15.03.06.23_multi was discovered to contain a buffer overflow via the time parameter in the fromSetSysTime function.
- CVE-2025-55483Aug 20, 2025risk 0.00cvss —epss 0.00
Tenda AC6 V15.03.06.23_multi is vulnerable to Buffer Overflow in the function formSetMacFilterCfg via the parameters macFilterType and deviceList.
- CVE-2025-55499Aug 20, 2025risk 0.00cvss —epss 0.00
Tenda AC6 V15.03.06.23_multi was discovered to contain a buffer overflow via the ntpServer parameter in the fromSetSysTime function.
- CVE-2025-55503Aug 20, 2025risk 0.00cvss —epss 0.00
Tenda AC6 V15.03.06.23_multi has a stack overflow vulnerability via the deviceName parameter in the saveParentControlInfo function.
- CVE-2025-55482Aug 20, 2025risk 0.00cvss —epss 0.00
Tenda AC6 V15.03.06.23_multi is vulnerable to Buffer Overflow in the formSetCfm function.
Page 7 of 7