Primary

Context

Tenda W6_S Buffer Overflow Vulnerability in setcfm Function Allowing Remote Denial-of-Service

Vulnerability

A buffer overflow vulnerability has been identified in the Tenda W6_S router, specifically in version 1.0.0.4_510. The issue arises in the setcfm function, where remote attackers can cause a crash of the web server. This is achieved by sending a POST request with a crafted parameter, funcpara1, that triggers the buffer overflow.

Impact

Exploitation of this vulnerability leads to a crash of the web server, causing a denial-of-service condition.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

1.4

impact

0.6

exploitability

9.1

remediation

0.0

relevance

0.0

threat

6.4

urgency

2.9

incentive

9.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

1.4

impact

0.6

exploitability

9.1

remediation

0.0

relevance

0.0

threat

6.4

urgency

2.9

incentive

9.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Tenda W6_S Buffer Overflow Vulnerability in setcfm Function Allowing Remote Denial-of-Service

Vulnerability

Impact

Affected Products

Tenda W6_S

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating