VYPR
Unrated severityNVD Advisory· Published Aug 31, 2025· Updated Sep 2, 2025

Tenda CH22 httpd IPSECsave fromIpsecitem stack-based overflow

CVE-2025-9748

Description

A vulnerability was determined in Tenda CH22 1.0.0.1. Affected by this issue is the function fromIpsecitem of the file /goform/IPSECsave of the component httpd. Executing manipulation of the argument ipsecno can lead to stack-based buffer overflow. The attack may be performed from remote.

Affected products

2
  • Tenda/CH22llm-fuzzy2 versions
    = 1.0.0.1+ 1 more
    • (no CPE)range: = 1.0.0.1
    • (no CPE)range: 1.0.0.1

Patches

Vulnerability mechanics

References

5

News mentions

0

No linked articles in our index yet.