CVE-2025-60343 is a security vulnerability identified in the Tenda AC6 router firmware version 15.03.06.50. The flaw resides in the AdvSetMacMtuWan function, which handles several WAN interface parameters including wanMTU, wanSpeed, cloneType, mac, serviceName, serverName, and their secondary counterparts (wanMTU2, wanSpeed2, cloneType2, mac2, serviceName2, serverName2). Multiple buffer overflow conditions occur when these parameters are supplied with crafted payloads exceeding expected input sizes. Buffer overflows can lead to memory corruption, which in this case results in denial of service (DoS) by crashing or destabilizing the router. The vulnerability does not require authentication or user interaction, implying that an attacker with network access to the WAN interface could exploit it remotely. No CVSS score has been assigned yet, and no patches or known exploits are currently reported. The lack of authentication and the ability to cause DoS make this a significant threat to network availability. The affected device, Tenda AC6, is a consumer and small business router, commonly deployed in home and small office environments. Exploitation could disrupt internet connectivity, impacting business operations and user productivity. The vulnerability’s exploitation vector is primarily through crafted network packets targeting the WAN interface parameters, which may be exposed if proper network segmentation or firewall rules are not in place. The absence of patches necessitates immediate mitigation through network controls and monitoring until vendor updates are released.

The primary impact of CVE-2025-60343 is on the availability of network infrastructure, specifically Tenda AC6 routers. Exploitation leads to denial of service, causing routers to crash or become unresponsive, resulting in loss of internet connectivity for affected users. For European organizations, especially small and medium enterprises (SMEs) and home offices relying on Tenda AC6 devices, this could translate into operational disruptions, loss of productivity, and potential financial losses. In critical environments, such as remote work setups or small branch offices, prolonged outages could affect business continuity. Additionally, network instability may increase support costs and complicate incident response. While confidentiality and integrity impacts are not indicated, the availability impact alone is significant given the ease of exploitation and potential for remote attack via the WAN interface. The lack of known exploits in the wild currently limits immediate risk, but the vulnerability’s public disclosure increases the likelihood of future exploitation attempts. European organizations with limited network segmentation or exposed WAN interfaces are particularly vulnerable. The threat also underscores the importance of supply chain and device management in maintaining secure network operations.

1. Immediately inventory and identify all Tenda AC6 routers within the organization’s network to assess exposure. 2. Restrict access to the WAN interface by implementing strict firewall rules that limit inbound traffic to trusted sources only, effectively reducing the attack surface. 3. Employ network segmentation to isolate vulnerable devices from critical infrastructure and sensitive data. 4. Monitor network traffic for unusual or malformed packets targeting the WAN parameters specified in the vulnerability (wanMTU, wanSpeed, cloneType, mac, serviceName, serverName, and their secondary counterparts). 5. Disable remote management features on the router’s WAN interface if enabled, to prevent external exploitation. 6. Engage with Tenda support channels to obtain information on forthcoming patches or firmware updates addressing this vulnerability and plan timely deployment. 7. Consider temporary replacement or upgrade of vulnerable devices in critical environments if patching is delayed. 8. Educate IT staff and users about the risk and signs of router instability or DoS conditions to enable prompt detection and response. 9. Implement network anomaly detection tools capable of identifying buffer overflow attack patterns. 10. Maintain regular backups of router configurations to facilitate rapid recovery in case of compromise or failure.