ID

VAR-202509-3635


CVE

CVE-2025-57528


TITLE

Input Validation Vulnerability in Shenzhen Tenda Technology Co., Ltd. AC6 Firmware

Trust: 0.8

sources: JVNDB: JVNDB-2025-015577

DESCRIPTION

An issue was discovered in Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01 allowing attackers to cause a denial of service via the funcname, funcpara1, funcpara2 parameters to the formSetCfm function (uri path: SetCfm). The AC6 firmware from Shenzhen Tenda Technology Co., Ltd. contains an input validation vulnerability. Information may be obtained or tampered with, and service operation may be interrupted (DoS). The Tenda AC6 is a dual-band wireless router from Tenda, supporting both 2.4GHz and 5GHz bands and achieving a maximum transmission rate of 1167Mbps. The Tenda AC6 suffers from an improper input validation vulnerability caused by improper handling of the funcname, funcpara1, and funcpara2 parameters in the formSetCfm function. Vulnerability details are currently unavailable.

Trust: 2.16

sources: NVD: CVE-2025-57528 // JVNDB: JVNDB-2025-015577 // CNVD: CNVD-2025-24486

IOT TAXONOMY

category: ['Network device'], sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2025-24486

AFFECTED PRODUCTS

vendor: tenda, model: ac6, scope: eq, version: 15.03.05.16

Trust: 1.0

vendor: tenda, model: ac6, scope: -, version: -

Trust: 0.8

vendor: tenda, model: ac6, scope: eq, version: -

Trust: 0.8

vendor: tenda, model: ac6, scope: eq, version: ac6 firmware 15.03.05.16

Trust: 0.8

vendor: tenda, model: ac6 us ac6v1.0br v15.03.05.16 multi td01, scope: -, version: -

Trust: 0.6

sources: CNVD: CNVD-2025-24486 // JVNDB: JVNDB-2025-015577 // NVD: CVE-2025-57528

CVSS

SEVERITY

134c704f-9b21-4f2e-91b3-4a467353bcc0: CVE-2025-57528
value: HIGH

Trust: 1.0

OTHER: JVNDB-2025-015577
value: HIGH

Trust: 0.8

CNVD: CNVD-2025-24486
value: HIGH

Trust: 0.6

CVSSV2

CNVD: CNVD-2025-24486
severity: HIGH
baseScore: 7.3
vectorString: AV:N/AC:H/AU:N/C:C/I:C/A:P
accessVector: NETWORK
accessComplexity: HIGH
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: PARTIAL
exploitabilityScore: 4.9
impactScore: 9.5
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

CVSSV3

134c704f-9b21-4f2e-91b3-4a467353bcc0: CVE-2025-57528
baseSeverity: HIGH
baseScore: 7.7
vectorString: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L
attackVector: NETWORK
attackComplexity: HIGH
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: LOW
exploitabilityScore: 2.2
impactScore: 5.5
version: 3.1

Trust: 1.0

OTHER: JVNDB-2025-015577
baseSeverity: HIGH
baseScore: 7.7
vectorString: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L
attackVector: NETWORK
attackComplexity: HIGH
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: LOW
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: CNVD: CNVD-2025-24486 // JVNDB: JVNDB-2025-015577 // NVD: CVE-2025-57528

PROBLEMTYPE DATA

problemtype: CWE-20

Trust: 1.0

problemtype: Improper input validation (CWE-20) [ others ]

Trust: 0.8

sources: JVNDB: JVNDB-2025-015577 // NVD: CVE-2025-57528

EXTERNAL IDS

db: NVD, id: CVE-2025-57528

Trust: 3.2

db: JVNDB, id: JVNDB-2025-015577

Trust: 0.8

db: CNVD, id: CNVD-2025-24486

Trust: 0.6

sources: CNVD: CNVD-2025-24486 // JVNDB: JVNDB-2025-015577 // NVD: CVE-2025-57528

REFERENCES

url: https://github.com/faqiadegege/iotvuln/blob/main/tendaac6_formsetcfm_funcname_overflow/detail.md

Trust: 2.4

url: https://nvd.nist.gov/vuln/detail/cve-2025-57528

Trust: 0.8

sources: CNVD: CNVD-2025-24486 // JVNDB: JVNDB-2025-015577 // NVD: CVE-2025-57528

SOURCES

db: CNVD, id: CNVD-2025-24486
db: JVNDB, id: JVNDB-2025-015577
db: NVD, id: CVE-2025-57528

LAST UPDATE DATE

2025-11-19T23:28:49.422000+00:00


SOURCES UPDATE DATE

db: CNVD, id: CNVD-2025-24486, date: 2025-10-22T00:00:00
db: JVNDB, id: JVNDB-2025-015577, date: 2025-10-09T08:32:00
db: NVD, id: CVE-2025-57528, date: 2025-10-03T15:08:38.653

SOURCES RELEASE DATE

db: CNVD, id: CNVD-2025-24486, date: 2025-10-22T00:00:00
db: JVNDB, id: JVNDB-2025-015577, date: 2025-10-09T00:00:00
db: NVD, id: CVE-2025-57528, date: 2025-09-19T15:15:49.067