Primary

Context

Tenda W6_S Buffer Overflow Vulnerability in set_local_time Function Allowing Denial-of-Service

Vulnerability

A buffer overflow vulnerability has been identified in the Tenda W6_S router, specifically in version 1.0.0.4_510. The issue arises in the set_local_time function, where remote attackers can cause a crash of the web server. This is achieved by sending a POST request with a parameter containing the time, which triggers the buffer overflow.

Impact

Exploitation of this vulnerability leads to a crash of the web server, causing a denial-of-service condition.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

1.4

impact

2.5

exploitability

9.1

remediation

0.0

relevance

0.0

threat

6.4

urgency

2.9

incentive

9.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

1.4

impact

2.5

exploitability

9.1

remediation

0.0

relevance

0.0

threat

6.4

urgency

2.9

incentive

9.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Tenda W6_S Buffer Overflow Vulnerability in set_local_time Function Allowing Denial-of-Service

Vulnerability

Impact

Affected Products

Tenda W6_S

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating