| Title | Tenda AC6 15.03.06.50 Stack-based Buffer Overflow |
|---|
| Description | A critical stack-based buffer overflow vulnerability has been discovered in the Tenda AC6 router firmware version 15.03.06.50. The vulnerability exists in the /goform/WifiGuestSet HTTP request handler and can be exploited by remote attackers to achieve code execution or cause denial of service through malformed HTTP requests. The vulnerability is triggered when processing requests containing the following parameters with excessive data lengths: shareSpeed. |
|---|
| Source | ⚠️ https://github.com/z472421519/BinaryAudit/blob/main/PoC/BOF/Tenda/WifiGuestSet/WifiGuestSet.md |
|---|
| User | z472421519 (UID 91218) |
|---|
| Submission | 10/11/2025 19:52 (8 months ago) |
|---|
| Moderation | 10/25/2025 18:55 (14 days later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 329895 [Tenda AC6 15.03.06.50 HTTP Request /goform/WifiGuestSet shareSpeed stack-based overflow] |
|---|
| Points | 20 |
|---|