Tenda AC6 httpd setparentcontrolinfo buffer overflow

July 20, 2025 invoker category_cve

CVE Details

Basic Information

Title Tenda AC6 httpd setparentcontrolinfo buffer overflow
Type cve
Published 2025-07-21T00:02:07.481Z
Modified 2025-07-21T00:02:07.481Z

Product Information

Vendor Tenda
Product AC6
Version 15.03.06.50

CVSS Information

Base Score 8.7 (HIGH)
Attack Vector CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X

AI Analysis

AI Description A critical buffer overflow vulnerability in Tenda AC6 version 15.03.06.50 allows remote attackers to exploit the setparentcontrolinfo function in the httpd component, potentially leading to system compromise.
AI Severity High
AI Vendor Tenda
AI Product Tenda AC6
AI Version 15.03.06.50

Affected Products

  • Tenda AC6 15.03.06.50

Additional Information

CWE List CWE-120, CWE-119
Source VulDB

Description

A vulnerability has been found in Tenda AC6 15.03.06.50 and classified as critical. Affected by this vulnerability is the function setparentcontrolinfo of the component httpd. The manipulation leads to buffer overflow. The attack can be launched remotely.

💭 Join the Security Discussion

🔒 Your email address will not be published. Required fields are marked *

⚠️ Please be respectful and constructive in your comments. Security discussions should remain professional.