CVE-2025-52221

CRITICAL

Tenda AC6 15.03.05.16_multi is vulnerable to Buffer Overflow in the formSetCfm function via the funcname, funcpara1, and funcpara2 parameters.

CVSS v3.1 Score

9.8
CRITICAL
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack Vector
NETWORK
Complexity
LOW
Privileges
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
HIGH
Integrity
HIGH
Availability
HIGH
Published: 4/8/2026Modified: 4/13/2026

Related Intelligence (0)

No articles currently reference this CVE.

References (2)

https://github.com/faqiadegege/IoTVuln/blob/main/tendaAc6_formSetCfm_funcname_overflow/detail.mdExploitThird Party Advisoryhttps://github.com/xiaotea/iot-vulnerability-collection/blob/main/README.mdThird Party Advisory