Description
Tenda AC6 15.03.05.16_multi is vulnerable to Buffer Overflow in the formSetCfm function via the funcname, funcpara1, and funcpara2 parameters.
Published: 2026-04-08
Score: 7.5 High
EPSS: < 1% Very Low
KEV: No
Impact: Remote Code Execution
Action: Patch Update
AI Analysis

Impact

A stack-based buffer overflow exists in the formSetCfm function of Tenda AC6 firmware 15.03.05.16_multi, reachable through the funcname, funcpara1, and funcpara2 parameters. The overflow can corrupt memory and potentially allow an attacker to execute arbitrary code, crash the device, or tamper with its configuration. This weakness is classified as CWE-120 (Buffer Overflow) and CWE-787 (Out-of-Bounds Write).

Affected Systems

The vulnerability affects Tenda AC6 routers that are running firmware version 15.03.05.16_multi. These consumer Wi‑Fi access points are typically managed through a web or other remote interface.

Risk and Exploitability

The CVSS v3.1 score of 7.5 indicates high severity, while the EPSS score of less than 1% suggests a low current probability of exploitation. This issue is not listed in the CISA KEV catalog. Based on the description, the likely attack vector is remote access to the router’s web or management interface, possibly from the local network or an external source if the interface is exposed. No active exploitation code has been publicly reported, but the theoretical impact warrants prompt action.

Generated by OpenCVE AI on April 13, 2026 at 16:35 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Update the Tenda AC6 firmware to a version that addresses the formSetCfm buffer overflow.
  • If no update is available, restrict access to the router’s management interface by firewall rules or by placing the device behind an isolated network segment.
  • Monitor device logs for anomalous use of the formSetCfm parameters or repeated failure attempts.
  • Contact Tenda support for further guidance if the device cannot be updated or isolated.

Advisories

No advisories yet.

History

Tue, 14 Apr 2026 16:45:00 +0000

Type Values Removed Values Added
Title Tenda AC6 Buffer Overflow via formSetCfm Function

Mon, 13 Apr 2026 14:30:00 +0000

Type Values Removed Values Added
Title Buffer Overflow Vulnerability in Tenda AC6 formSetCfm Function
Weaknesses CWE-119

Mon, 13 Apr 2026 11:45:00 +0000

Type Values Removed Values Added
First Time appeared Tenda ac6 Firmware
Weaknesses CWE-787
CPEs cpe:2.3:h:tenda:ac6:1.0:*:*:*:*:*:*:*
cpe:2.3:o:tenda:ac6_firmware:15.03.05.16_multi:*:*:*:*:*:*:*
Vendors & Products Tenda ac6 Firmware

Fri, 10 Apr 2026 16:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-120
Metrics cvssV3_1

{'score': 7.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H'}

ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Thu, 09 Apr 2026 08:30:00 +0000

Type Values Removed Values Added
First Time appeared Tenda
Tenda ac6
Vendors & Products Tenda
Tenda ac6

Wed, 08 Apr 2026 20:15:00 +0000

Type Values Removed Values Added
Title Buffer Overflow Vulnerability in Tenda AC6 formSetCfm Function
Weaknesses CWE-119

Wed, 08 Apr 2026 17:45:00 +0000

Type Values Removed Values Added
Description Tenda AC6 15.03.05.16_multi is vulnerable to Buffer Overflow in the formSetCfm function via the funcname, funcpara1, and funcpara2 parameters.

References

MITRE

Status: PUBLISHED

Assigner: mitre

Published:

Updated: 2026-04-10T15:42:37.221Z

Reserved: 2025-06-16T00:00:00.000Z

Link: CVE-2025-52221

Vulnrichment

Updated: 2026-04-10T13:10:12.496Z

NVD

Status: Analyzed

Published: 2026-04-08T18:24:51.257

Modified: 2026-04-13T11:36:50.943

Link: CVE-2025-52221

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-14T16:40:45Z

Weaknesses