CVE-2025-46035

CWE-120Classic Buffer Overflow4 documents4 sources
Severity
7.5HIGH
EPSS
0.3%
top 44.73%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Tenda AC6 Firmware
Timeline
PublishedJun 12
Latest updateOct 10

Description

Buffer Overflow vulnerability in Tenda AC6 v.15.03.05.16 allows a remote attacker to cause a denial of service via the oversized schedStartTime and schedEndTime parameters in an unauthenticated HTTP GET request to the /goform/openSchedWifi endpoint

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:NExploitability: 3.9 | Impact: 3.6

Affected Packages1 packages

NVDtenda/ac6_firmware15.03.05.16

🔴Vulnerability Details

2
GHSA
GHSA-qq3w-wq6v-mgpw: Buffer Overflow vulnerability in Tenda AC6 v2025-06-12
CVEList
CVE-2025-46035: Buffer Overflow vulnerability in Tenda AC6 v2025-06-12

🔍Detection Rules

1
Suricata
ET WEB_SPECIFIC_APPS Tenda openSchedWifi Multiple Parameters Buffer Overflow Attempt (CVE-2025-46035)2025-10-10
CVE-2025-46035 (HIGH CVSS 7.5) | Buffer Overflow vulnerability in Te | cvebase.io