CVE-2025-60341

Name of the Vulnerable Software and Affected Versions Tenda AC6 versions 15.03.06.50

Description The Tenda AC6 V2.0 firmware contains a stack overflow issue in the fast setting wifi set function. This flaw is triggered by a crafted input to the ssid parameter, potentially allowing an attacker to cause a Denial of Service (DoS). The vulnerability can be exploited remotely by sending a specially crafted HTTP request. The stack overflow occurs due to data being written beyond the bounds of an allocated memory buffer.

Recommendations Update to a newer version of the firmware that addresses this vulnerability. As a temporary workaround, consider restricting access to the fast setting wifi set function until a patch is available.