CVE-2025-60337 is a buffer overflow vulnerability classified under CWE-120, affecting the Tenda AC6 V2.0 router firmware version 15.03.06.50. The flaw resides in the handling of the speed_dir parameter within the SetSpeedWan function. An attacker can send a specially crafted input to this parameter remotely over the network without requiring any privileges or user interaction. This crafted input causes a buffer overflow condition, which leads to a denial of service by crashing or freezing the router, thereby disrupting network connectivity. The vulnerability is remotely exploitable over the WAN interface, increasing the attack surface. Although no public exploits have been reported yet, the vulnerability's nature and ease of exploitation (no authentication or user interaction needed) make it a significant threat. The CVSS v3.1 base score of 7.5 reflects high severity due to the impact on availability and the low attack complexity. No patches or official mitigations have been released at the time of disclosure, leaving affected devices vulnerable. The router is commonly used in SOHO environments, where network availability is critical for business operations and remote work. The absence of confidentiality or integrity impact limits the threat to availability disruption only.

For European organizations, the primary impact of this vulnerability is the potential denial of service on network infrastructure provided by the Tenda AC6 V2.0 routers. This can lead to loss of internet connectivity, disruption of business operations, and potential downtime for remote workers or branch offices relying on these devices. The disruption could affect critical communications, cloud access, and VoIP services. Although the vulnerability does not directly compromise data confidentiality or integrity, the availability impact can indirectly affect operational continuity and productivity. Organizations with limited IT support or those relying heavily on SOHO-grade equipment are particularly vulnerable. Additionally, sectors with high dependency on continuous network uptime, such as finance, healthcare, and manufacturing, may experience operational risks. The lack of a patch increases the window of exposure, and attackers could develop exploits given the straightforward nature of the buffer overflow. The vulnerability could also be leveraged as part of a larger attack chain to cause disruption or as a distraction while other attacks are conducted.

1. Immediately isolate affected Tenda AC6 V2.0 routers from critical network segments to limit exposure, especially on the WAN interface. 2. Implement strict firewall rules to restrict inbound traffic to the router’s management and WAN ports, allowing only trusted IP addresses where possible. 3. Monitor network traffic for unusual or malformed packets targeting the speed_dir parameter or the SetSpeedWan function, using IDS/IPS solutions with custom signatures if feasible. 4. Employ network segmentation to separate SOHO devices from core business networks to contain potential disruptions. 5. Regularly check for firmware updates from Tenda and apply patches promptly once available. 6. Consider replacing vulnerable devices with more secure, enterprise-grade routers if patching is delayed or unavailable. 7. Educate IT staff and users about the risks and signs of router instability or DoS conditions to enable rapid incident response. 8. Maintain offline backups of router configurations to enable quick recovery or device replacement. 9. Engage with vendors and security communities to stay informed about emerging exploits or mitigation techniques related to this vulnerability.