Tenda Ac6 Firmware vulnerabilities

CVE-2025-5852 [HIGH] CWE-119 CVE-2025-5852: A vulnerability classified as critical has been found in Tenda AC6 15.03.05.16. Affected is the func A vulnerability classified as critical has been found in Tenda AC6 15.03.05.16. Affected is the function formSetPPTPUserList of the file /goform/setPptpUserList. The manipulation of the argument list leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

CVE-2025-44172 [MEDIUM] CWE-121 CVE-2025-44172: Tenda AC6 V15.03.05.16 was discovered to contain a stack overflow via the time parameter in the setS Tenda AC6 V15.03.05.16 was discovered to contain a stack overflow via the time parameter in the setSmartPowerManagement function.

CVE-2025-29121 [HIGH] CWE-121 CVE-2025-29121: A vulnerability was found in Tenda AC6 V15.03.05.16. The vulnerability affects the functionality of A vulnerability was found in Tenda AC6 V15.03.05.16. The vulnerability affects the functionality of the /goform/fast_setting_wifi_set file form_fast_setting_wifi_set. Using the timeZone parameter causes a stack-based buffer overflow.

CVE-2025-29029 [CRITICAL] CWE-787 CVE-2025-29029: Tenda AC6 v15.03.05.16 was discovered to contain a buffer overflow via the formSetSpeedWan function. Tenda AC6 v15.03.05.16 was discovered to contain a buffer overflow via the formSetSpeedWan function.

CVE-2025-29030 [CRITICAL] CWE-787 CVE-2025-29030: Tenda AC6 v15.03.05.16 was discovered to contain a buffer overflow via the formWifiWpsOOB function. Tenda AC6 v15.03.05.16 was discovered to contain a buffer overflow via the formWifiWpsOOB function.

CVE-2025-29031 [CRITICAL] CWE-787 CVE-2025-29031: Tenda AC6 v15.03.05.16 was discovered to contain a buffer overflow via the fromAddressNat function. Tenda AC6 v15.03.05.16 was discovered to contain a buffer overflow via the fromAddressNat function.

CVE-2025-1814 [HIGH] CWE-119 CVE-2025-1814: A vulnerability, which was classified as critical, has been found in Tenda AC6 15.03.05.16. Affected A vulnerability, which was classified as critical, has been found in Tenda AC6 15.03.05.16. Affected by this issue is some unknown functionality of the file /goform/WifiExtraSet. The manipulation of the argument wpapsk_crypto leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may b

CVE-2025-25505 [MEDIUM] CWE-120 CVE-2025-25505: Tenda AC6 15.03.05.16_multi is vulnerable to Buffer Overflow in the sub_452A4 function. Tenda AC6 15.03.05.16_multi is vulnerable to Buffer Overflow in the sub_452A4 function.

CVE-2025-25507 [MEDIUM] CWE-94 CVE-2025-25507: There is a RCE vulnerability in Tenda AC6 15.03.05.16_multi. In the formexeCommand function, the par There is a RCE vulnerability in Tenda AC6 15.03.05.16_multi. In the formexeCommand function, the parameter cmdinput will cause remote command execution.

CVE-2025-25343 [CRITICAL] CWE-120 CVE-2025-25343: Tenda AC6 V15.03.05.16 firmware has a buffer overflow vulnerability in the formexeCommand function. Tenda AC6 V15.03.05.16 firmware has a buffer overflow vulnerability in the formexeCommand function.

CVE-2024-46450 [HIGH] CWE-862 CVE-2024-46450: Incorrect access control in Tenda AC1200 Smart Dual-Band WiFi Router Model AC6 v2.0 Firmware v15.03. Incorrect access control in Tenda AC1200 Smart Dual-Band WiFi Router Model AC6 v2.0 Firmware v15.03.06.50 allows attackers to bypass authentication via a crafted web request.

CVE-2025-0349 [HIGH] CWE-119 CVE-2025-0349: A vulnerability classified as critical has been found in Tenda AC6 15.03.05.16. Affected is the func A vulnerability classified as critical has been found in Tenda AC6 15.03.05.16. Affected is the function GetParentControlInfo of the file /goform/GetParentControlInfo. The manipulation of the argument src/mac leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

CVE-2024-52273 [HIGH] CWE-121 CVE-2024-52273: Stack-based Buffer Overflow vulnerability in Shenzhen Tenda Technology Co Tenda AC6V2 (setDoublePppo Stack-based Buffer Overflow vulnerability in Shenzhen Tenda Technology Co Tenda AC6V2 (setDoublePppoeConfig->guest_ip_check(overflow arg: mask) modules) allows Overflow Buffers.This issue affects Tenda AC6V2: through 15.03.06.50

CVE-2024-52274 [HIGH] CWE-121 CVE-2024-52274: Stack-based Buffer Overflow vulnerability in Shenzhen Tenda Technology Co Tenda AC6V2 (setDoubleL2tp Stack-based Buffer Overflow vulnerability in Shenzhen Tenda Technology Co Tenda AC6V2 (setDoubleL2tpConfig->guest_ip_check(overflow arg: mask) modules) allows Overflow Buffers.This issue affects Tenda AC6V2: through 15.03.06.50

CVE-2024-52275 [HIGH] CWE-121 CVE-2024-52275: Stack-based Buffer Overflow vulnerability in Shenzhen Tenda Technology Co Tenda AC6V2 (fromWizardHan Stack-based Buffer Overflow vulnerability in Shenzhen Tenda Technology Co Tenda AC6V2 (fromWizardHandle modules) allows Overflow Buffers.This issue affects Tenda AC6V2: through 15.03.06.50.

CVE-2024-52272 [HIGH] CWE-121 CVE-2024-52272: Stack-based Buffer Overflow vulnerability in Shenzhen Tenda Technology Co Tenda AC6V2 (fromAdvSetLan Stack-based Buffer Overflow vulnerability in Shenzhen Tenda Technology Co Tenda AC6V2 (fromAdvSetLanip(overflow arg:lanMask) modules) allows Overflow Buffers.This issue affects Tenda AC6V2: through 15.03.06.50

CVE-2024-52714 [CRITICAL] CWE-120 CVE-2024-52714: Tenda AC6 v2.0 v15.03.06.50 was discovered to contain a buffer overflow in the function 'fromSetSysT Tenda AC6 v2.0 v15.03.06.50 was discovered to contain a buffer overflow in the function 'fromSetSysTime.

CVE-2024-51116 [HIGH] CWE-120 CVE-2024-51116: Tenda AC6 v2.0 V15.03.06.50 was discovered to contain a buffer overflow in the function 'formSetPPTP Tenda AC6 v2.0 V15.03.06.50 was discovered to contain a buffer overflow in the function 'formSetPPTPServer'.

CVE-2024-10698 [HIGH] CWE-121 CVE-2024-10698: A vulnerability was found in Tenda AC6 15.03.05.19 and classified as critical. Affected by this issu A vulnerability was found in Tenda AC6 15.03.05.19 and classified as critical. Affected by this issue is the function formSetDeviceName of the file /goform/SetOnlineDevName. The manipulation of the argument devName leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

CVE-2024-10697 [MEDIUM] CWE-74 CVE-2024-10697: A vulnerability has been found in Tenda AC6 15.03.05.19 and classified as critical. Affected by this A vulnerability has been found in Tenda AC6 15.03.05.19 and classified as critical. Affected by this vulnerability is the function formWriteFacMac of the file /goform/WriteFacMac of the component API Endpoint. The manipulation of the argument mac leads to command injection. The attack can be launched remotely. The exploit has been disclosed to the pu