PT-2025-13525 · Tenda · Tenda W6

Published

2025-03-28

Updated

2025-03-29

CVE-2025-28221

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Tenda W6 S version 1.0.0.4 510

Description The issue is related to a Buffer Overflow in the set local time function. This allows remote attackers to cause a web server crash by passing a malicious time parameter through a POST request to the binary.

Recommendations For Tenda W6 S version 1.0.0.4 510, consider restricting access to the set local time function until a patch is available to prevent exploitation via the time parameter in POST requests.

Fix

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-120

Related Identifiers

CVE-2025-28221

Affected Products

Tenda W6

PT-2025-13525 · Tenda · Tenda W6

CVE-2025-28221

Weakness Enumeration

Related Identifiers

Affected Products

References · 5