Ch22 Firmware Security Vulnerabilities and Issues — Ch22 Firmware CVE List

Lucene search

TendaCh22 Firmware

11 matches found

CVE•added 2025/06/04 11:15 p.m.•59 views

CVE-2025-5619

A vulnerability, which was classified as critical, has been found in Tenda CH22 1.0.0.1. This issue affects the function formaddUserName of the file /goform/addUserName. The manipulation of the argument Password leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit...

9.8CVSS8.9AI score0.0016EPSS

Web

CVE•added 2024/09/13 2:15 p.m.•45 views

CVE-2024-46045

Tenda CH22 V1.0.0.6(468) has a stack overflow vulnerability located in the frmL7PlotForm function.

9.8CVSS7.6AI score0.00249EPSS

CVE•added 2025/06/05 8:15 p.m.•45 views

CVE-2025-5685

A vulnerability, which was classified as critical, was found in Tenda CH22 1.0.0.1. This affects the function formNatlimit of the file /goform/Natlimit. The manipulation of the argument page leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been d...

9.8CVSS8.9AI score0.0016EPSS

Web

CVE•added 2024/09/13 2:15 p.m.•38 views

CVE-2024-46044

CH22 V1.0.0.6(468) has a stack overflow vulnerability located in the fromqossetting function.

9.8CVSS7.6AI score0.00088EPSS

CVE•added 2025/08/15 3:15 a.m.•11 views

CVE-2025-9006

A vulnerability was identified in Tenda CH22 1.0.0.1. Affected by this vulnerability is the function formdelFileName of the file /goform/delFileName. The manipulation leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

9CVSS7.3AI score0.00079EPSS

CVE•added 2025/08/15 4:15 a.m.•9 views

CVE-2025-9007

A vulnerability has been found in Tenda CH22 1.0.0.1. Affected by this issue is the function formeditFileName of the file /goform/editFileName. The manipulation leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

9CVSS7.2AI score0.00079EPSS

CVE•added 2025/08/26 3:15 a.m.•8 views

CVE-2025-9443

A flaw has been found in Tenda CH22 1.0.0.1. This vulnerability affects the function formeditUserName of the file /goform/editUserName. Executing manipulation of the argument new_account can lead to buffer overflow. It is possible to launch the attack remotely. The exploit has been published and ma...

9CVSS8.8AI score0.00048EPSS

CVE•added 2025/07/26 7:15 a.m.•7 views

CVE-2025-8180

A vulnerability, which was classified as critical, has been found in Tenda CH22 1.0.0.1. Affected by this issue is the function formdeleteUserName of the file /goform/deleteUserName. The manipulation of the argument old_account leads to buffer overflow. The attack may be launched remotely. The expl...

9CVSS8.8AI score0.00094EPSS

Web

CVE•added 3 days ago•6 views

CVE-2025-9812

A vulnerability was determined in Tenda CH22 1.0.0.1. This vulnerability affects the function formexeCommand of the file /goform/exeCommand. Executing manipulation of the argument cmdinput can lead to buffer overflow. The attack may be performed from remote. The exploit has been publicly disclosed ...

9CVSS8.7AI score0.00046EPSS

CVE•added 5 days ago•4 views

CVE-2025-9748

A vulnerability was determined in Tenda CH22 1.0.0.1. Affected by this issue is the function fromIpsecitem of the file /goform/IPSECsave of the component httpd. Executing manipulation of the argument ipsecno can lead to stack-based buffer overflow. The attack may be performed from remote.

9.8CVSS8.8AI score0.00046EPSS

CVE•added 3 days ago•3 views

CVE-2025-9813

A vulnerability was identified in Tenda CH22 1.0.0.1. This issue affects the function formSetSambaConf of the file /goform/SetSambaConf. The manipulation of the argument samba_userNameSda leads to buffer overflow. It is possible to initiate the attack remotely. The exploit is publicly available and...

9CVSS8.8AI score0.00046EPSS