ID

VAR-202508-2262


CVE

CVE-2025-55503


TITLE

Stack-based buffer overflow vulnerability in Shenzhen Tenda Technology Co.,Ltd. AC6 firmware

Trust: 0.8

sources: JVNDB: JVNDB-2025-012140

DESCRIPTION

Tenda AC6 V15.03.06.23_multi has a stack overflow vulnerability via the deviceName parameter in the saveParentControlInfo function. A stack-based buffer overflow vulnerability exists in the Shenzhen Tenda Technology Co.,Ltd. AC6 firmware. Information may be obtained or tampered with, and service operation may be interrupted (DoS). The AC6 supports both IPv4 and IPv6 protocols, utilizes the 802.11ac/n wireless standard, and provides a wireless transmission rate of 1167 Mbps. This vulnerability stems from the failure to properly validate the length of the input data in the saveParentControlInfo function's deviceName parameter. An attacker could exploit this vulnerability to cause a denial of service.

Trust: 2.16

sources: NVD: CVE-2025-55503 // JVNDB: JVNDB-2025-012140 // CNVD: CNVD-2025-20149

IOT TAXONOMY

category: ['Network device'] sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2025-20149

AFFECTED PRODUCTS

vendor: tenda model: ac6 scope: eq version: 15.03.06.23_multi

Trust: 1.0

vendor: tenda model: ac6 scope: eq version: ac6 firmware 15.03.06.23 multi

Trust: 0.8

vendor: tenda model: ac6 scope: eq version: -

Trust: 0.8

vendor: tenda model: ac6 scope: - version: -

Trust: 0.8

vendor: tenda model: ac6 v15.03.06.23 multi scope: - version: -

Trust: 0.6

sources: CNVD: CNVD-2025-20149 // JVNDB: JVNDB-2025-012140 // NVD: CVE-2025-55503

CVSS

SEVERITY

CVSSV2

CVSSV3

134c704f-9b21-4f2e-91b3-4a467353bcc0: CVE-2025-55503
value: HIGH

Trust: 1.0

OTHER: JVNDB-2025-012140
value: HIGH

Trust: 0.8

CNVD: CNVD-2025-20149
value: HIGH

Trust: 0.6

CNVD: CNVD-2025-20149
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

134c704f-9b21-4f2e-91b3-4a467353bcc0: CVE-2025-55503
baseSeverity: HIGH
baseScore: 7.3
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: LOW
integrityImpact: LOW
availabilityImpact: LOW
exploitabilityScore: 3.9
impactScore: 3.4
version: 3.1

Trust: 1.0

OTHER: JVNDB-2025-012140
baseSeverity: HIGH
baseScore: 7.3
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: LOW
integrityImpact: LOW
availabilityImpact: LOW
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: CNVD: CNVD-2025-20149 // JVNDB: JVNDB-2025-012140 // NVD: CVE-2025-55503

PROBLEMTYPE DATA

problemtype:CWE-121

Trust: 1.0

problemtype:Stack-based buffer overflow (CWE-121) [ others ]

Trust: 0.8

sources: JVNDB: JVNDB-2025-012140 // NVD: CVE-2025-55503

EXTERNAL IDS

db: NVD id: CVE-2025-55503

Trust: 3.2

db: JVNDB id: JVNDB-2025-012140

Trust: 0.8

db: CNVD id: CNVD-2025-20149

Trust: 0.6

sources: CNVD: CNVD-2025-20149 // JVNDB: JVNDB-2025-012140 // NVD: CVE-2025-55503

REFERENCES

url:https://github.com/solitarygrass/iot_vuln/blob/main/tenda/ac6/ac6v2.0rtl_v15.03.06.23/saveparentcontrolinfo/poc.md

Trust: 2.4

url:https://nvd.nist.gov/vuln/detail/cve-2025-55503

Trust: 0.8

sources: CNVD: CNVD-2025-20149 // JVNDB: JVNDB-2025-012140 // NVD: CVE-2025-55503

SOURCES

db: CNVD id: CNVD-2025-20149
db: JVNDB id: JVNDB-2025-012140
db: NVD id: CVE-2025-55503

LAST UPDATE DATE

2025-09-05T19:36:56.391000+00:00


SOURCES UPDATE DATE

db: CNVD id: CNVD-2025-20149 date: 2025-09-03T00:00:00
db: JVNDB id: JVNDB-2025-012140 date: 2025-08-22T08:00:00
db: NVD id: CVE-2025-55503 date: 2025-08-21T14:30:49.670

SOURCES RELEASE DATE

db: CNVD id: CNVD-2025-20149 date: 2025-09-02T00:00:00
db: JVNDB id: JVNDB-2025-012140 date: 2025-08-22T00:00:00
db: NVD id: CVE-2025-55503 date: 2025-08-20T14:15:47.460