Tenda AC6 Stack Overflow Vulnerability in Smart Power Management Function

Vulnerability

A stack overflow vulnerability has been identified in the Tenda AC6 router, specifically in version V15.03.05.16. The issue arises in the setSmartPowerManagement function, where the time parameter is improperly handled, leading to the overflow.

Impact

Exploitation of this vulnerability causes a stack overflow, which can potentially be leveraged to execute arbitrary code or cause a denial-of-service condition by crashing the device.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

5.7

impact

2.5

exploitability

9.1

remediation

0.0

relevance

0.0

threat

6.4

urgency

2.9

incentive

9.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

5.7

impact

2.5

exploitability

9.1

remediation

0.0

relevance

0.0

threat

6.4

urgency

2.9

incentive

9.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Tenda AC6 Stack Overflow Vulnerability in Smart Power Management Function

Vulnerability

Impact

Affected Products

Tenda AC6

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating