Description
A denial of service vulnerability exists in the HTTP Header Parsing functionality of Tenda AC6 V5.0 V02.03.01.110. A specially crafted series of HTTP requests can lead to a reboot. An attacker can send multiple network packets to trigger this vulnerability.
Problem types
CWE-772: Missing Release of Resource after Effective Lifetime
Product status
Credits
Discovered by Lilith >_> of Cisco Talos.
References
talosintelligence.com/vulnerability_reports/TALOS-2025-2166
