CVE-2025-5855 – Tenda AC6 Stack-Based Buffer Overflow Vulnerability

June 9, 2025

CVE ID : CVE-2025-5855

Published : June 9, 2025, 2:15 a.m. | 1 hour, 29 minutes ago

Description : A vulnerability, which was classified as critical, was found in Tenda AC6 15.03.05.16. This affects the function formSetRebootTimer of the file /goform/SetRebootTimer. The manipulation of the argument rebootTime leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

Severity: 8.8 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-5856 – PHPGurukul BP Monitoring Management System SQL Injection Vulnerability

Next Article CVE-2025-5854 – “Tenda AC6 Buffer Overflow Vulnerability”

Highlights

CVE-2025-48997 – Multer DoS Denial of Service Vulnerability

June 3, 2025

CVE ID : CVE-2025-48997

Published : June 3, 2025, 7:15 p.m. | 15 minutes ago

Description : Multer is a node.js middleware for handling `multipart/form-data`. A vulnerability that is present starting in version 1.4.4-lts.1 and prior to version 2.0.1 allows an attacker to trigger a Denial of Service (DoS) by sending an upload file request with an empty string field name. This request causes an unhandled exception, leading to a crash of the process. Users should upgrade to `2.0.1` to receive a patch. No known workarounds are available.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

How To Prevent WordPress SQL Injection Attacks

Java never goes out of style: Celebrating 30 years of the language

OpenAI o3-pro available in the API, BrowserStack adds Playwright support for real iOS devices, and more – Daily News Digest

Creating The “Moving Highlight” Navigation Bar With JavaScript And CSS

Microsoft Copilot’s own default configuration exposed users to the first-ever “zero-click” AI attack, but there was no data breach

Sam Altman says “OpenAI was forced to do a lot of unnatural things” to meet the Ghibli memes demand surge

5 things we didn’t get from the Xbox Games Showcase, because Xbox obviously hates me personally

Minecraft Vibrant Visuals finally has a release date and it’s dropping with the Happy Ghasts

QAQ-QQ-AI-QUEST

QAQ-QQ-AI-QUEST

JS Dark Arts: Abusing prototypes and the Result type

Helpful Git Aliases To Maximize Developer Productivity

Microsoft Copilot’s own default configuration exposed users to the first-ever “zero-click” AI attack, but there was no data breach

Microsoft Copilot’s own default configuration exposed users to the first-ever “zero-click” AI attack, but there was no data breach

Sam Altman says “OpenAI was forced to do a lot of unnatural things” to meet the Ghibli memes demand surge

5 things we didn’t get from the Xbox Games Showcase, because Xbox obviously hates me personally

CVE-2025-5855 – Tenda AC6 Stack-Based Buffer Overflow Vulnerability

Ransomware Gangs Exploit Unpatched SimpleHelp Flaws to Target Victims with Double Extortion

Apple Patches Flaw Exploited in Zero-click Paragon Spyware Attacks

Critical RCE Flaws in MICI NetFax Server Unpatched, Vendor Refuses Fix

Advanced audio dialog and generation with Gemini 2.5

BlueBubbles is a cross-platform app ecosystem

Internet Explorer exploit could let phishers steal logins

CVE-2025-48997 – Multer DoS Denial of Service Vulnerability

CVE-2025-47677 – GT3themes Photo Gallery Stored Cross-site Scripting

Implementing Account Suspension in Laravel

CVE-2025-31359 – Parallels Desktop Directory Traversal Vulnerability

CVE-2025-5855 – Tenda AC6 Stack-Based Buffer Overflow Vulnerability

Related Posts