CVE-2025-60343 is a vulnerability identified in the Tenda AC6 router firmware version 15.03.06.50, specifically within the AdvSetMacMtuWan function. This function processes multiple WAN-related parameters including wanMTU, wanSpeed, cloneType, mac, serviceName, serverName, and their secondary counterparts (wanMTU2, wanSpeed2, cloneType2, mac2, serviceName2, serverName2). The vulnerability arises from multiple buffer overflow conditions (CWE-120) when these parameters are supplied with crafted payloads. Exploiting these buffer overflows allows an attacker to cause a Denial of Service (DoS) by crashing or destabilizing the router, thereby disrupting network availability. The CVSS 3.1 base score is 7.5 (high), with an attack vector of network (AV:N), low attack complexity (AC:L), no privileges required (PR:N), no user interaction (UI:N), and impact limited to availability (A:H) with no confidentiality or integrity impact. The vulnerability does not require authentication, making it exploitable remotely over the network. No known exploits have been reported in the wild, and no patches have been published at the time of disclosure. The vulnerability's exploitation could lead to significant network outages, especially in environments relying on these routers for WAN connectivity.

For European organizations, the primary impact of CVE-2025-60343 is the potential for network disruption due to Denial of Service attacks targeting Tenda AC6 routers. This can affect small to medium enterprises and home office setups that use these routers as their primary WAN gateway. Disruption of WAN connectivity can lead to loss of business continuity, interruption of critical services, and potential cascading effects on dependent systems. While confidentiality and integrity are not directly impacted, the loss of availability can hinder operational capabilities, remote work, and communication. In sectors such as finance, healthcare, and critical infrastructure, even temporary network outages can have severe operational and reputational consequences. The lack of authentication requirement and ease of exploitation increase the risk of opportunistic attacks from remote adversaries. The absence of known exploits currently provides a window for proactive mitigation, but the high severity score indicates the need for urgent attention.

1. Immediately restrict WAN access to the Tenda AC6 routers by implementing firewall rules that limit inbound traffic to trusted sources only. 2. Segment the network to isolate critical systems from the affected routers, reducing the blast radius of potential DoS attacks. 3. Monitor network traffic for unusual or malformed packets targeting WAN-related parameters indicative of exploitation attempts. 4. Disable any unnecessary remote management features on the routers to reduce exposure. 5. Engage with Tenda support channels to obtain official patches or firmware updates as soon as they become available and prioritize their deployment. 6. Consider temporary replacement or upgrade of affected routers with devices from vendors with a stronger security track record if patching is delayed. 7. Educate IT staff about this vulnerability and incorporate it into incident response plans to ensure rapid detection and response. 8. Employ network intrusion detection/prevention systems (IDS/IPS) with updated signatures to detect attempts to exploit this vulnerability.