CVE-2025-60339

CVSS v3.1

7.5

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Tenda AC6 version 15.03.06.50

Description The software contains multiple buffer overflow flaws within the

openSchedWifi

function. An attacker can leverage these to trigger a Denial of Service (DoS) condition by injecting a specially crafted payload into the

schedStartTime

and

schedEndTime

parameters.

Recommendations Update to a newer version that addresses this issue. As a temporary workaround, consider restricting access to the scheduling functionality or disabling the

openSchedWifi()

function until a patch is available.

Exploit

Fix

DoS

Memory Corruption

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-787

Related Identifiers

CVE-2025-60339

Affected Products

Tenda Ac6

CVE-2025-60339

Weakness Enumeration

Related Identifiers

Affected Products

References · 4