CVE-2025-60338 is a stack-based buffer overflow vulnerability identified in the Tenda AC6 V2.0 router firmware version 15.03.06.50, specifically within the DhcpListClient function. The vulnerability arises from improper handling of the 'page' parameter, which can be manipulated by an attacker to overflow the stack. This overflow can lead to a denial of service (DoS) condition by crashing the device or causing it to become unresponsive. The vulnerability is remotely exploitable over the network without requiring any authentication or user interaction, making it particularly dangerous for exposed devices. The CVSS v3.1 base score is 7.5, reflecting high severity due to the network attack vector, low attack complexity, no privileges required, and no user interaction needed. The impact is limited to availability, with no direct compromise of confidentiality or integrity. Currently, there are no patches or firmware updates publicly available to remediate this issue, and no known exploits have been observed in the wild. The vulnerability is classified under CWE-787 (Out-of-bounds Write), a common weakness that can lead to memory corruption and system instability. Organizations using Tenda AC6 routers should be aware of this vulnerability as it could disrupt network operations if exploited.

For European organizations, the primary impact of CVE-2025-60338 is the potential disruption of network services due to router crashes caused by the stack overflow. This can lead to denial of service conditions affecting business continuity, especially for small and medium enterprises or branch offices relying on Tenda AC6 routers for internet connectivity. Critical infrastructure sectors such as healthcare, finance, and manufacturing could face operational interruptions if these devices are targeted. Although the vulnerability does not allow data theft or manipulation, the loss of availability can indirectly affect confidentiality and integrity by forcing fallback to less secure communication methods or causing delays in security monitoring. The lack of authentication requirement and ease of exploitation increase the risk of automated scanning and attacks, potentially amplifying the impact across multiple organizations. Additionally, since no patches are currently available, affected entities may need to rely on network-level mitigations, which might not fully prevent exploitation, thereby prolonging exposure.

1. Monitor vendor communications closely for firmware updates or patches addressing CVE-2025-60338 and apply them immediately upon release. 2. Until patches are available, restrict access to the router's management interfaces and DHCP services by implementing network segmentation and firewall rules that limit inbound traffic to trusted sources only. 3. Employ intrusion detection and prevention systems (IDS/IPS) to identify and block suspicious packets targeting the DhcpListClient function or unusual traffic patterns on the affected router. 4. Regularly audit network devices to identify the presence of Tenda AC6 routers running vulnerable firmware and consider replacing them with more secure alternatives if patching is not feasible. 5. Educate network administrators about the vulnerability and encourage proactive monitoring of router logs for signs of exploitation attempts. 6. Implement network redundancy and failover mechanisms to minimize service disruption in case of a successful DoS attack exploiting this vulnerability.