Primary

Context

Tenda AC6 V2.0 Buffer Overflow Vulnerability in SetSpeedWan Function Allowing Denial-of-Service

Vulnerability

A buffer overflow vulnerability has been identified in the Tenda AC6 V2.0 router, specifically in the firmware version 15.03.06.50. The issue arises in the SetSpeedWan function, where the speed_dir parameter is vulnerable to stack-based buffer overflow. This vulnerability can be exploited by sending crafted HTTP requests with excessive data in the speed_dir parameter, leading to a denial-of-service condition.

Impact

Exploitation of this vulnerability causes a denial-of-service condition on the affected router.

Reproduction

The vulnerability can be reproduced by sending an HTTP GET request to the '/goform/SetSpeedWan' endpoint with the 'speed_dir' parameter containing a payload of excessive length. This can be automated with a Python script that uses the 'requests' library to send the malformed request.

Added: Oct 22, 2025, 6:23 PM

Updated: Oct 22, 2025, 9:21 PM

Vulnerability Rating

Custom Algorithm

spread

5.7

impact

2.5

exploitability

9.1

remediation

0.0

relevance

0.8

threat

6.4

urgency

2.9

incentive

9.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

5.7

impact

2.5

exploitability

9.1

remediation

0.0

relevance

0.8

threat

6.4

urgency

2.9

incentive

9.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Tenda AC6 V2.0 Buffer Overflow Vulnerability in SetSpeedWan Function Allowing Denial-of-Service

Vulnerability

Impact

Reproduction

Affected Products

Tenda AC6 V2.0

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating