CVE-2025-60340

Multiple buffer overflows in the SetClientState function of Tenda AC6 v.15.03.06.50 allows attackers to cause a Denial of Service (DoS) via injecting a crafted payload into the limitSpeed, deviceId, and limitSpeedUp parameters.

More information : https://github.com/z472421519/BinaryAudit/blob/main/PoC/BOF/Tenda/SetClientState/SetClientState.md