Description
A stack overflow vulnerability in Tenda AC6 with firmware version US_AC6V5.0re_V03.03.02.01_cn_TDC01 allows attackers to run arbitrary commands via crafted POST request to /goform/PowerSaveSet.
Published: 2024-02-21
Score: 8.1 High
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Analysis and contextual insights are available on OpenCVE Cloud.

Remediation

No vendor fix or workaround currently provided.

Additional remediation guidance may be available on OpenCVE Cloud.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Wed, 25 Feb 2026 19:15:00 +0000

Type Values Removed Values Added
First Time appeared Tendacn
Tendacn ac6 Firmware
CPEs cpe:2.3:o:tendacn:ac6_firmware:03.03.02.01_cn_tdc01:*:*:*:*:*:*:*
Vendors & Products Tendacn
Tendacn ac6 Firmware
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Sat, 12 Jul 2025 13:45:00 +0000

Type Values Removed Values Added
Metrics epss

{'score': 0.00086}

 epss

{'score': 0.00117}

Tue, 25 Mar 2025 17:15:00 +0000

Type Values Removed Values Added
First Time appeared Tenda
Tenda ac6
Tenda ac6 Firmware
CPEs cpe:2.3:h:tenda:ac6:5.0:*:*:*:*:*:*:*
cpe:2.3:o:tenda:ac6_firmware:03.03.02.01_cn_tdc01:*:*:*:*:*:*:*
Vendors & Products Tenda
Tenda ac6
Tenda ac6 Firmware

Wed, 14 Aug 2024 16:00:00 +0000

Type Values Removed Values Added
Weaknesses CWE-121
Metrics cvssV3_1

{'score': 8.1, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N'}

Subscriptions

Tenda Ac6 Ac6 Firmware
Tendacn Ac6 Firmware
cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published:

Updated: 2024-08-14T15:11:02.428Z

Reserved: 2023-01-23T00:00:00.000Z

Link: CVE-2023-24332

cve-icon Vulnrichment

Updated: 2024-08-02T10:56:03.176Z

cve-icon NVD

Status : Analyzed

Published: 2024-02-21T21:15:08.617

Modified: 2025-03-25T16:47:13.877

Link: CVE-2023-24332

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.

Weaknesses