216.73.217.176

CVE-2025-0349

· Published 09/01/2025 11:15 · Modified 22/03/2025 09:15

Labels: CVE-2025-0349 2025-01-09CVE-2025-0349CWE-119CWE-787[email protected]

Essential information

Published
09/01/2025 11:15
Modified
22/03/2025 09:15
Author
Creator
CVSS
8.7 HIGH (v3) 8.7 HIGH (v4.0)
CISA KEV
No
CWE
CVSS vector

CVSS metrics

Description

A vulnerability classified as critical has been found in Tenda AC6 15.03.05.16. Affected is the function GetParentControlInfo of the file /goform/GetParentControlInfo. The manipulation of the argument src/mac leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well.

NVD status

Status
Modified — CVE has been amended by a source (CVE Primary CNA or another CNA). Analysis data supplied by the NVD may be no longer be accurate due to these changes.
Source
[email protected]
NVD
View on NVD

Affected products (CPE)

ProductCPE
tenda / ac6 firmware cpe:2.3:o:tenda:ac6_firmware:15.03.05.16:*:*:*:*:*:*:*
tenda / ac6 cpe:2.3:h:tenda:ac6:-:*:*:*:*:*:*:*

References