Tenda AC6 Buffer Overflow Vulnerability in setparentcontrolinfo Function

Vulnerability

A critical buffer overflow vulnerability has been identified in the Tenda AC6 router, specifically in version 15.03.06.50. The issue arises in the httpd component, within the setparentcontrolinfo function, where the product improperly handles input buffers, leading to potential memory corruption. This vulnerability can be exploited remotely.

Impact

Exploitation of this vulnerability causes a buffer overflow, which can commonly lead to arbitrary code execution or a denial-of-service condition.

Added: Jul 21, 2025, 1:17 AM

Updated: Jul 21, 2025, 1:17 AM

Vulnerability Rating

Custom Algorithm

spread

5.7

impact

7.5

exploitability

6.2

remediation

0.0

relevance

0.3

threat

6.4

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

5.7

impact

7.5

exploitability

6.2

remediation

0.0

relevance

0.3

threat

6.4

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Tenda AC6 Buffer Overflow Vulnerability in setparentcontrolinfo Function

Vulnerability

Impact

Affected Products

Tenda AC6

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating