CVE-2025-0349 | Tenda AC6 15.03.05.16 GetParentControlInfo src stack-based overflow

Inserito da Angelo Barbosa | Gen 8, 2025 | CVE

A vulnerability classified as critical has been found in Tenda AC6 15.03.05.16. Affected is the function GetParentControlInfo of the file /goform/GetParentControlInfo. The manipulation of the argument src leads to stack-based buffer overflow.

This vulnerability is traded as CVE-2025-0349. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

Other parameters might be affected as well.

CVE-2025-0349 | Tenda AC6 15.03.05.16 GetParentControlInfo src stack-based overflow

Post correlati

CVE-2024-47059 | Mautic up to 5.1.0 observable response discrepancy (GHSA-8vff-35qm-qjvv)

CVE-2024-0303 | Youke365 up to 1.5.3 Parameter caiji.php url server-side request forgery

CVE-2024-6891 | Journyx jtime 11.5.4 Login Flow code injection

CVE-2024-25582 | Open-Xchange OX App Suite up to 7.10.6-rev42 Module Savepoint cross site scripting