Tenda: >> Ac6 Firmware >> 15.03.06.23_multi Security Vulnerabilities
An issue was discovered in /goform/WifiWpsStart in Tenda AC6V2.0 V15.03.06.23_multi. The index and mode are controllable. If the conditions are met to sprintf, they will be spliced into tmp. It is worth noting that there is no size check,which leads to a stack overflow vulnerability.
CVSS Score
7.5
EPSS Score
0.001
Published
2026-03-02
Tenda AC6 V15.03.06.23_multi was discovered to contain a buffer overflow via the list parameter in the fromSetIpMacBind function.
CVSS Score
6.5
EPSS Score
0.001
Published
2025-08-27
Tenda AC6 V15.03.06.23_multi is vulnerable to Buffer Overflow in the formSetCfm function.
CVSS Score
7.5
EPSS Score
0.001
Published
2025-08-20
Tenda AC6 V15.03.06.23_multi was discovered to contain a buffer overflow via the time parameter in the fromSetSysTime function.
CVSS Score
7.5
EPSS Score
0.001
Published
2025-08-20
Tenda AC6 V15.03.06.23_multi has a stack overflow vulnerability via the deviceName parameter in the saveParentControlInfo function.
CVSS Score
7.3
EPSS Score
0.001
Published
2025-08-20