Buffer Overflow Vulnerability in Tenda AC6 Router
CVE-2025-50263

8.1HIGH

Key Information:

Vendor: Tenda
Status: AC6 Router
Vendor: CVE Published:; 3 July 2025

What is CVE-2025-50263?

The Tenda AC6 router, specifically version v15.03.05.16_multi, contains a security flaw in the fromSetRouteStatic function, which is susceptible to a buffer overflow attack through the list parameter. This vulnerability could allow an attacker to exploit the system by manipulating the input, potentially leading to unauthorized access or device compromise. As a result, users are advised to apply security patches and take necessary precautions to protect their network integrity.

References

https://github.com/faqiadegege/IoTVuln/blob/main/tendaAC6...

CVSS V3.1

Score:

8.1

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 3, 2025
Vulnerability Reserved
Jun 16, 2025