Ac6 firmware

This hub aggregates every CVE we track for Ac6 firmware, a product in the networking infrastructure space. Use it to gauge the current risk picture and drill into individual advisories.

Severity distribution

Monthly trend

The 15 most recently published vulnerabilities affecting Ac6 firmware.

• CVE-2026-8265Tenda AC6 httpd getLogFile get_log_file os command injection4.7May 11, 2026
• CVE-2026-8264Tenda AC6 httpd WifiApScan formWifiApScan os command injection6.3May 11, 2026
• CVE-2026-8259Tenda AC6 httpd telnet os command injection4.7May 11, 2026
• CVE-2025-52221Tenda AC6 15.03.05.16_multi is vulnerable to Buffer Overflow in the formSetCfm function via the funcname, funcpara1, and funcpara2 parameters.9.8Apr 8, 2026
• CVE-2026-4961Tenda AC6 POST Request QuickIndex formQuickIndex stack-based overflow8.8Mar 27, 2026
• CVE-2026-4960Tenda AC6 POST Request WizardHandle fromWizardHandle stack-based overflow8.8Mar 27, 2026
• CVE-2025-12225Tenda AC6 HTTP Request WifiGuestSet stack-based overflow8.8Oct 27, 2025
• CVE-2025-60338Tenda AC6 V2.0 15.03.06.50 was discovered to contain a stack overflow in the page parameter in the DhcpListClient function. This vulnerability allows attackers to cause a Denial of Service (DoS) vi...7.5Oct 22, 2025
• CVE-2025-60340Multiple buffer overflows in the SetClientState function of Tenda AC6 v.15.03.06.50 allows attackers to cause a Denial of Service (DoS) via injecting a crafted payload into the limitSpeed, deviceId...7.5Oct 22, 2025
• CVE-2025-60343Multiple buffer overflows in the AdvSetMacMtuWan function of Tenda AC6 v.15.03.06.50 allows attackers to cause a Denial of Service (DoS) via injecting a crafted payload into the wanMTU, wanSpeed, c...7.5Oct 22, 2025
• CVE-2025-60339Multiple buffer overflow vulnerabilities in the openSchedWifi function of Tenda AC6 v.15.03.06.50 allows attackers to cause a Denial of Service (DoS) via injecting a crafted payload into the schedS...7.5Oct 22, 2025
• CVE-2025-60337Tenda AC6 V2.0 15.03.06.50 was discovered to contain a buffer overflow in the speed_dir parameter in the SetSpeedWan function. This vulnerability allows attackers to cause a Denial of Service (DoS)...7.5Oct 22, 2025
• CVE-2025-60342Tenda AC6 V2.0 15.03.06.50 was discovered to contain a stack overflow in the page parameter in the addressNat function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a ...7.5Oct 22, 2025
• CVE-2025-60341Tenda AC6 V2.0 15.03.06.50 was discovered to contain a stack overflow in the ssid parameter in the fast_setting_wifi_set function. This vulnerability allows attackers to cause a Denial of Service (...7.5Oct 22, 2025
• CVE-2025-57528An issue was discovered in Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01 allowing attackers to cause a denial of service via the funcname, funcpara1, funcpara2 parameters to the formSetCfm functio...7.7Sep 19, 2025