
CVE-2025-24322: CWE-304: Missing Critical Step in Authentication in Tenda AC6 V5.0

Severity: High
Published: Wed Aug 20 2025 (08/20/2025, 13:09:08 UTC)
Source: CVE Database V5
Vendor/Project: Tenda
Product: AC6 V5.0

Description

An unsafe default authentication vulnerability exists in the Initial Setup Authentication functionality of Tenda AC6 V5.0 V02.03.01.110. A specially crafted network request can lead to arbitrary code execution. An attacker can browse to the device to trigger this vulnerability.

AI-Powered Analysis

Last updated: 08/20/2025, 13:33:58 UTC

Technical Analysis

CVE-2025-24322 is a high-severity vulnerability affecting the Tenda AC6 V5.0 router, specifically version V02.03.01.110. It is classified under CWE-304, Missing Critical Step in Authentication. The Initial Setup Authentication functionality of the device lacks proper authentication controls, so an attacker can send a specially crafted network request to the device without prior authentication or user interaction. The flaw enables arbitrary code execution on the device, potentially giving the attacker full control of the router. The vulnerability is exploitable over the network (AV:N), has high attack complexity (AC:H), requires no privileges (PR:N), and requires no user interaction (UI:N). The impact on confidentiality, integrity, and availability is high (C:H/I:H/A:H), indicating that exploitation can lead to complete compromise of the device and the network it serves. Although no known exploits are currently reported in the wild, the severity and nature of the vulnerability make it a critical risk for affected users. The lack of a patch link suggests that a fix may not yet be publicly available, which increases the urgency of mitigation measures.

Potential Impact

For European organizations, this vulnerability poses a significant risk, especially for those relying on Tenda AC6 V5.0 routers in their network infrastructure. Successful exploitation could lead to unauthorized access to internal networks, interception or manipulation of sensitive data, disruption of network services, and use of compromised devices as a foothold for further attacks. Given the high confidentiality, integrity, and availability impacts, critical business operations could be disrupted, leading to financial losses, reputational damage, and potential regulatory non-compliance under GDPR if personal data is compromised. The fact that exploitation requires no authentication or user interaction increases the threat level, as attackers can remotely target vulnerable devices without user awareness. This is particularly concerning for small and medium enterprises (SMEs) and home office environments where such routers are commonly deployed and where security monitoring may be limited.

Mitigation Recommendations

1. Immediate network segmentation: Isolate Tenda AC6 V5.0 devices from critical network segments to limit potential lateral movement in case of compromise.
2. Disable remote management interfaces on the affected routers if enabled, to reduce exposure to external attackers.
3. Monitor network traffic for unusual or suspicious requests targeting the router's setup interface, employing intrusion detection systems (IDS) with custom rules if possible.
4. Replace or upgrade affected devices: If a firmware patch is not yet available, consider replacing the Tenda AC6 V5.0 routers with models from vendors with timely security updates.
5. Implement strict firewall rules to restrict access to router management interfaces to trusted IP addresses only.
6. Regularly check vendor communications for firmware updates or patches addressing this vulnerability and apply them promptly once available.
7. Educate network administrators and users about the risks and signs of compromise related to router vulnerabilities.


Technical Details

Data Version: 5.1
Assigner Short Name: talos
Date Reserved: 2025-03-31T11:05:46.933Z
CVSS Version: 3.1
State: PUBLISHED

Threat ID: 68a5caffad5a09ad0004fc6a

Added to database: 8/20/2025, 1:17:51 PM

Last enriched: 8/20/2025, 1:33:58 PM

Last updated: 8/30/2025, 3:02:07 PM
