CVE-2025-60342 is a stack-based buffer overflow vulnerability identified in the Tenda AC6 V2.0 router firmware version 15.03.06.50. The vulnerability resides in the addressNat function, specifically in the handling of the page parameter, which does not properly validate input size, leading to a stack overflow condition. This flaw allows an unauthenticated remote attacker to send a specially crafted request to the router, triggering the overflow and causing the device to crash or reboot, resulting in a Denial of Service (DoS). The vulnerability requires no privileges or user interaction and can be exploited remotely over the network, making it highly accessible to attackers scanning for vulnerable devices. The CVSS v3.1 score of 7.5 reflects the high impact on availability with no confidentiality or integrity impact. The vulnerability is categorized under CWE-121 (Stack-based Buffer Overflow), a common and well-understood flaw type. No patches or official mitigations have been published by Tenda as of the vulnerability disclosure date. While no known exploits are currently active in the wild, the simplicity of the attack vector and the critical nature of network availability make this a significant threat. The affected product, Tenda AC6, is a consumer-grade router commonly used in home and small office environments, which may lack robust security monitoring and controls.

The primary impact of CVE-2025-60342 is on the availability of network services relying on the Tenda AC6 routers. Successful exploitation results in device crashes or reboots, causing temporary loss of internet connectivity and disruption of internal network communications. For European organizations, especially small and medium enterprises (SMEs) and home office users who deploy these routers, this can lead to operational downtime, loss of productivity, and potential secondary impacts if critical services depend on continuous network access. While the vulnerability does not compromise confidentiality or integrity, the denial of service can affect business continuity and may expose organizations to follow-on attacks during recovery periods. The lack of authentication requirements and ease of remote exploitation increase the risk of widespread scanning and attack attempts. In sectors where network uptime is critical, such as healthcare, finance, or remote work environments prevalent in Europe, the impact could be more severe. Additionally, disruption in connectivity may hinder security monitoring and incident response capabilities.

1. Immediate mitigation should focus on network-level controls: restrict WAN access to the router's management interfaces using firewall rules or access control lists to prevent unauthorized external access. 2. Segment networks to isolate critical systems from consumer-grade routers vulnerable to exploitation. 3. Monitor network traffic for unusual or malformed requests targeting the addressNat function or the page parameter to detect potential exploitation attempts. 4. Engage with Tenda support channels to obtain information on firmware updates or patches addressing this vulnerability; apply updates promptly once available. 5. Consider replacing vulnerable Tenda AC6 routers with devices from vendors with a strong security track record and timely patch management. 6. Educate users and administrators about the risks of exposing router management interfaces to the internet and enforce strong password policies. 7. Implement network redundancy where possible to minimize downtime in case of device failure due to exploitation.