In the controlled bidirectional quantum secure direct communication, two users can successfully exchange their private messages only when a third party permits. Recently, a controlled bidirectional quantum secure direct communication protocol with six-qubit entangled states was proposed (Int. J. Theor. Phys. 60(8), 2943-2950 2021). It claimed that, in the protocol, the participant Bob can decode Alice's private message only with Charlie's agreement. However, in this comment, it is pointed out that Bob can decode Alice's private message without needing Charlie's agreement by constructing an intercept-and-resend attack. Furthermore, to resist the constructed attack, an improving strategy is suggested. The comment can help designers of such protocols avoid similar mistakes in the future.