Vulnerability Database

299,038

Total vulnerabilities in the database

CVE-2025-7914

A vulnerability has been found in Tenda AC6 15.03.06.50 and classified as critical. Affected by this vulnerability is the function setparentcontrolinfo of the component httpd. The manipulation leads to buffer overflow. The attack can be launched remotely.

Published: Jul 21, 2025
Updated: Jul 22, 2025
CVE: CVE-2025-7914
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 8.8
AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWEs:

CWE-119
CWE-120

Affected Software
References

Software	From	Fixed in
tenda / ac6_firmware	15.03.06.50	15.03.06.50.x

https://github.com/gaochen61/IoTVuln/blob/main/Tenda_AC6_V15.03.06.50/setparentcontrolinfo.md
https://vuldb.com/?ctiid.317029
https://vuldb.com/?id.317029
https://vuldb.com/?submit.618859
https://www.tenda.com.cn/

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo