VYPR
High severity8.8NVD Advisory· Published Jul 26, 2025· Updated Jun 17, 2026

CVE-2025-8180

CVE-2025-8180

Description

A vulnerability, which was classified as critical, has been found in Tenda CH22 1.0.0.1. Affected by this issue is the function formdeleteUserName of the file /goform/deleteUserName. The manipulation of the argument old_account leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

Affected products

2
  • Tenda/CH22llm-fuzzy2 versions
    1.0.0.1+ 1 more
    • (no CPE)range: 1.0.0.1
    • (no CPE)range: 1.0.0.1

Patches

Vulnerability mechanics

References

5

News mentions

0

No linked articles in our index yet.