CVE-2025-32010
Unknown
Unknown - Not Provided
BaseFortify
Publication date: 2025-08-20
Last updated on: 2025-11-03
Assigner: Talos
Description
Description
A stack-based buffer overflow vulnerability exists in the Cloud API functionality of Tenda AC6 V5.0 V02.03.01.110. A specially crafted HTTP response can lead to arbitrary code execution. An attacker can send an HTTP response to trigger this vulnerability.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| tenda | ac6_firmware | 02.03.01.110 |
| tenda | ac6 | 5.0 |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-121 | A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function). |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a stack-based buffer overflow in the Cloud API functionality of Tenda AC6 V5.0 V02.03.01.110. It can be triggered by an attacker sending a specially crafted HTTP response, which may lead to arbitrary code execution on the affected device.
How can this vulnerability impact me? :
The vulnerability can allow an attacker to execute arbitrary code on the affected device remotely, potentially leading to full compromise of the device, unauthorized access, data theft, or disruption of service.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70