CVE-2025-32010 HIGH

CVE-2025-32010

Vendor Tenda
Product AC6 V5.0
Weakness CWE-121
Published August 20, 2025
Last update November 3, 2025

CVSS base score

8.1/10
Attack vector Network
Attack complexity High
Privileges required None
User interaction None
Confidentiality High
Integrity High

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

What the vulnerability does

01Description

A stack-based buffer overflow vulnerability exists in the Cloud API functionality of Tenda AC6 V5.0 V02.03.01.110. A specially crafted HTTP response can lead to arbitrary code execution. An attacker can send an HTTP response to trigger this vulnerability.

Key dates

02Disclosure timeline

August 20, 2025 CVE published
November 3, 2025 Record updated