{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-26T14:27:03.311","vulnerabilities":[{"cve":{"id":"CVE-2025-24322","sourceIdentifier":"talos-cna@cisco.com","published":"2025-08-20T14:15:42.263","lastModified":"2026-06-17T08:58:33.487","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An unsafe default authentication vulnerability exists in the Initial Setup Authentication functionality of Tenda AC6 V5.0 V02.03.01.110. A specially crafted network request can lead to arbitrary code execution. An attacker can browse to the device to trigger this vulnerability."},{"lang":"es","value":"Existe una vulnerabilidad de autenticación predeterminada insegura en la función de autenticación de configuración inicial de Tenda AC6 V5.0 V02.03.01.110. Una solicitud de red especialmente manipulada puede provocar la ejecución de código arbitrario. Un atacante puede acceder al dispositivo para activar esta vulnerabilidad."}],"affected":[{"source":"talos-cna@cisco.com","affectedData":[{"vendor":"Tenda","product":"AC6 V5.0","versions":[{"version":"V02.03.01.110","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"talos-cna@cisco.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":8.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.2,"impactScore":5.9},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-08-20T13:52:20.786739Z","id":"CVE-2025-24322","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"talos-cna@cisco.com","type":"Secondary","description":[{"lang":"en","value":"CWE-304"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:tenda:ac6_firmware:02.03.01.110:*:*:*:*:*:*:*","matchCriteriaId":"FBBF7445-03C8-48EA-9DC3-BD4825E7CC0A"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:tenda:ac6:5.0:*:*:*:*:*:*:*","matchCriteriaId":"CFBE582F-BE50-4810-AAB2-B19F40693ACE"}]}]}],"references":[{"url":"https://talosintelligence.com/vulnerability_reports/TALOS-2025-2163","source":"talos-cna@cisco.com","tags":["Third Party Advisory"]},{"url":"https://www.talosintelligence.com/vulnerability_reports/TALOS-2025-2163","source":"af854a3a-2127-422b-91ae-364da2661108"}]}}]}