Latest CVE Feed
-
9.8
CRITICALCVE-2025-24322
An unsafe default authentication vulnerability exists in the Initial Setup Authentication functionality of Tenda AC6 V5.0 V02.03.01.110. A specially crafted network request can lead to arbitrary code execution. An attacker can browse to the device to trig... Read more
- Published: Aug. 20, 2025
- Modified: Aug. 21, 2025
-
7.5
HIGHCVE-2025-24496
An information disclosure vulnerability exists in the /goform/getproductInfo functionality of Tenda AC6 V5.0 V02.03.01.110. Specially crafted network packets can lead to a disclosure of sensitive information. An attacker can send packets to trigger this v... Read more
- Published: Aug. 20, 2025
- Modified: Aug. 21, 2025
-
9.8
CRITICALCVE-2025-27129
An authentication bypass vulnerability exists in the HTTP authentication functionality of Tenda AC6 V5.0 V02.03.01.110. A specially crafted HTTP request can lead to arbitrary code execution. An attacker can send packets to trigger this vulnerability.... Read more
- Published: Aug. 20, 2025
- Modified: Aug. 21, 2025
-
7.2
HIGHCVE-2024-4507
A vulnerability was found in Ruijie RG-UAC up to 20240428 and classified as critical. This issue affects some unknown processing of the file /view/IPV6/ipv6StaticRoute/static_route_add_ipv6.php. The manipulation of the argument text_prefixlen/text_gateway... Read more
- Published: May. 06, 2024
- Modified: Aug. 21, 2025
-
8.6
HIGHCVE-2025-30256
A denial of service vulnerability exists in the HTTP Header Parsing functionality of Tenda AC6 V5.0 V02.03.01.110. A specially crafted series of HTTP requests can lead to a reboot. An attacker can send multiple network packets to trigger this vulnerabilit... Read more
- Published: Aug. 20, 2025
- Modified: Aug. 21, 2025
-
9.8
CRITICALCVE-2025-31355
A firmware update vulnerability exists in the Firmware Signature Validation functionality of Tenda AC6 V5.0 V02.03.01.110. A specially crafted malicious file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vu... Read more
- Published: Aug. 20, 2025
- Modified: Aug. 21, 2025
-
9.8
CRITICALCVE-2025-32010
A stack-based buffer overflow vulnerability exists in the Cloud API functionality of Tenda AC6 V5.0 V02.03.01.110. A specially crafted HTTP response can lead to arbitrary code execution. An attacker can send an HTTP response to trigger this vulnerability.... Read more
- Published: Aug. 20, 2025
- Modified: Aug. 21, 2025
-
6.5
MEDIUMCVE-2025-55499
Tenda AC6 V15.03.06.23_multi was discovered to contain a buffer overflow via the ntpServer parameter in the fromSetSysTime function.... Read more
- Published: Aug. 20, 2025
- Modified: Aug. 21, 2025
-
7.2
HIGHCVE-2024-4255
A vulnerability, which was classified as critical, has been found in Ruijie RG-UAC up to 20240419. This issue affects some unknown processing of the file /view/network Config/GRE/gre_edit_commit.php. The manipulation of the argument name leads to os comma... Read more
Affected Products : rg-uac_firmware rg-uac_6000-e50_firmware rg-uac rg-uac_6000-e50 rg-uac_6000-cc_firmware rg-uac_6000-cc rg-uac_6000-e10_firmware rg-uac_6000-e10 rg-uac_6000-e10c_firmware rg-uac_6000-e10c +46 more products- Published: Apr. 27, 2024
- Modified: Aug. 21, 2025
-
7.2
HIGHCVE-2024-4508
A vulnerability was found in Ruijie RG-UAC up to 20240428. It has been classified as critical. Affected is an unknown function of the file /view/IPV6/ipv6StaticRoute/static_route_edit_ipv6.php. The manipulation of the argument oldipmask/oldgateway/olddevn... Read more
Affected Products : rg-uac_firmware rg-uac_6000-e50_firmware rg-uac rg-uac_6000-e50 rg-uac_6000-cc_firmware rg-uac_6000-cc rg-uac_6000-e10_firmware rg-uac_6000-e10 rg-uac_6000-e10c_firmware rg-uac_6000-e10c +46 more products- Published: May. 06, 2024
- Modified: Aug. 21, 2025
-
7.2
HIGHCVE-2024-4509
A vulnerability was found in Ruijie RG-UAC up to 20240428. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /view/IPV6/naborTable/add_commit.php. The manipulation of the argument ip_addr/mac_addr lea... Read more
Affected Products : rg-uac_firmware rg-uac_6000-e50_firmware rg-uac rg-uac_6000-e50 rg-uac_6000-cc_firmware rg-uac_6000-cc rg-uac_6000-e10_firmware rg-uac_6000-e10 rg-uac_6000-e10c_firmware rg-uac_6000-e10c +46 more products- Published: May. 06, 2024
- Modified: Aug. 21, 2025
-
9.8
CRITICALCVE-2024-4813
A vulnerability classified as critical has been found in Ruijie RG-UAC up to 20240506. Affected is an unknown function of the file /view/networkConfig/physicalInterface/interface_commit.php. The manipulation of the argument name leads to os command inject... Read more
Affected Products : rg-uac_firmware rg-uac_6000-e50_firmware rg-uac rg-uac_6000-e50 rg-uac_6000-cc_firmware rg-uac_6000-cc rg-uac_6000-e10_firmware rg-uac_6000-e10 rg-uac_6000-e10c_firmware rg-uac_6000-e10c +46 more products- Published: May. 14, 2024
- Modified: Aug. 21, 2025
-
9.8
CRITICALCVE-2024-4814
A vulnerability classified as critical was found in Ruijie RG-UAC up to 20240506. Affected by this vulnerability is an unknown functionality of the file /view/networkConfig/RouteConfig/StaticRoute/static_route_edit_commit.php. The manipulation of the argu... Read more
Affected Products : rg-uac_firmware rg-uac_6000-e50_firmware rg-uac rg-uac_6000-e50 rg-uac_6000-cc_firmware rg-uac_6000-cc rg-uac_6000-e10_firmware rg-uac_6000-e10 rg-uac_6000-e10c_firmware rg-uac_6000-e10c +46 more products- Published: May. 14, 2024
- Modified: Aug. 21, 2025
-
9.8
CRITICALCVE-2024-4815
A vulnerability, which was classified as critical, has been found in Ruijie RG-UAC up to 20240506. Affected by this issue is some unknown functionality of the file /view/bugSolve/viewData/detail.php. The manipulation of the argument filename leads to os c... Read more
Affected Products : rg-uac_firmware rg-uac_6000-e50_firmware rg-uac rg-uac_6000-e50 rg-uac_6000-cc_firmware rg-uac_6000-cc rg-uac_6000-e10_firmware rg-uac_6000-e10 rg-uac_6000-e10c_firmware rg-uac_6000-e10c +46 more products- Published: May. 14, 2024
- Modified: Aug. 21, 2025
-
9.8
CRITICALCVE-2024-4816
A vulnerability, which was classified as critical, was found in Ruijie RG-UAC up to 20240506. This affects an unknown part of the file /view/networkConfig/GRE/gre_add_commit.php. The manipulation of the argument name/remote/local/IP leads to os command in... Read more
Affected Products : rg-uac_firmware rg-uac_6000-e50_firmware rg-uac rg-uac_6000-e50 rg-uac_6000-cc_firmware rg-uac_6000-cc rg-uac_6000-e10_firmware rg-uac_6000-e10 rg-uac_6000-e10c_firmware rg-uac_6000-e10c +46 more products- Published: May. 14, 2024
- Modified: Aug. 21, 2025
-
7.2
HIGHCVE-2024-4506
A vulnerability has been found in Ruijie RG-UAC up to 20240428 and classified as critical. This vulnerability affects unknown code of the file /view/IPV6/ipv6Addr/ip_addr_edit_commit.php. The manipulation of the argument text_ip_addr/orgprelen/orgname lea... Read more
- Published: May. 05, 2024
- Modified: Aug. 21, 2025
-
7.2
HIGHCVE-2024-4505
A vulnerability, which was classified as critical, was found in Ruijie RG-UAC up to 20240428. This affects an unknown part of the file /view/IPV6/ipv6Addr/ip_addr_add_commit.php. The manipulation of the argument prelen/ethname leads to os command injectio... Read more
- Published: May. 05, 2024
- Modified: Aug. 21, 2025
-
7.2
HIGHCVE-2024-4504
A vulnerability, which was classified as critical, has been found in Ruijie RG-UAC up to 20240428. Affected by this issue is some unknown functionality of the file /view/HAconfig/baseConfig/commit.php. The manipulation of the argument peer_ip/local_ip lea... Read more
- Published: May. 05, 2024
- Modified: Aug. 21, 2025
-
7.2
HIGHCVE-2024-4503
A vulnerability classified as critical was found in Ruijie RG-UAC up to 20240428. Affected by this vulnerability is an unknown functionality of the file /view/dhcp/dhcpConfig/dhcp_relay_commit.php. The manipulation of the argument interface_from leads to ... Read more
- Published: May. 05, 2024
- Modified: Aug. 21, 2025
-
7.2
HIGHCVE-2024-4502
A vulnerability classified as critical has been found in Ruijie RG-UAC up to 20240428. Affected is an unknown function of the file /view/dhcp/dhcpClient/dhcp_client_commit.php. The manipulation of the argument ifName leads to os command injection. It is p... Read more
- Published: May. 05, 2024
- Modified: Aug. 21, 2025