Buffer Overflow Vulnerability in Tenda AC6 Firmware
CVE-2025-25343

9.8CRITICAL

Key Information:

Vendor: Tenda
Status: AC6 Firmware
Vendor: CVE Published:; 12 February 2025

Summary

The Tenda AC6 V15.03.05.16 firmware is susceptible to a buffer overflow vulnerability within the formexeCommand function, potentially allowing unauthorized commands and access to critical system resources. This flaw could lead to exploitation, impacting the device's integrity and the network’s security.

References

https://github.com/wy876/cve/issues/4

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Feb 12, 2025
Vulnerability Reserved
Feb 7, 2025