CVE-2025-27129

Tenda · AC6

An authentication bypass vulnerability in Tenda AC6 allows remote attackers to execute arbitrary code via specially crafted HTTP requests.

Executive summary

An authentication bypass vulnerability in Tenda AC6 allows unauthenticated remote attackers to execute arbitrary code on the device.

Vulnerability

An authentication bypass exists in the HTTP authentication functionality of the affected device. This allows an unauthenticated attacker to send crafted requests that bypass security checks and lead to arbitrary code execution.

Business impact

The CVSS score of 9.8 reflects the high risk associated with remote code execution on networking equipment. Exploitation allows an attacker to gain administrative control over the router, potentially intercepting network traffic, modifying configurations, or using the device as a pivot point for further network infiltration.

Remediation

Immediate Action: Update the firmware of the Tenda AC6 to the latest available version provided by the manufacturer.

Proactive Monitoring: Monitor network traffic for anomalous HTTP requests directed at the management interface of the router.

Compensating Controls: Restrict administrative access to the router to trusted internal IP addresses only, and disable remote management interfaces if they are not strictly necessary.

Exploitation status

Public Exploit Available: Not specified

Analyst recommendation

Given the ease with which this vulnerability can be exploited and the critical nature of network hardware, it is imperative to apply the relevant firmware update immediately. Failure to patch may allow attackers to compromise the perimeter and gain unauthorized access to the internal network.