VYPR

CH22

by Tenda

CVEs (39)

  • CVE-2024-46045CriSep 13, 2024
    risk 0.64cvss 9.8epss 0.01

    Tenda CH22 V1.0.0.6(468) has a stack overflow vulnerability located in the frmL7PlotForm function.

  • CVE-2024-46044CriSep 13, 2024
    risk 0.64cvss 9.8epss 0.01

    CH22 V1.0.0.6(468) has a stack overflow vulnerability located in the fromqossetting function.

  • CVE-2025-8180HigJul 26, 2025
    risk 0.58cvss 8.8epss 0.07

    A vulnerability, which was classified as critical, has been found in Tenda CH22 1.0.0.1. Affected by this issue is the function formdeleteUserName of the file /goform/deleteUserName. The manipulation of the argument old_account leads to buffer overflow. The attack may be…

  • CVE-2026-5605HigApr 6, 2026
    risk 0.57cvss 8.8epss 0.01

    A weakness has been identified in Tenda CH22 1.0.0.1. This affects the function formWrlExtraSet of the file /goform/WrlExtraSet. Executing a manipulation of the argument GO can lead to stack-based buffer overflow. The attack can be executed remotely. The exploit has been made…

  • CVE-2026-5604HigApr 5, 2026
    risk 0.57cvss 8.8epss 0.01

    A security flaw has been discovered in Tenda CH22 1.0.0.1. The impacted element is the function formCertLocalPrecreate of the file /goform/CertLocalPrecreate of the component Parameter Handler. Performing a manipulation of the argument standard results in stack-based buffer…

  • CVE-2026-5204HigMar 31, 2026
    risk 0.57cvss 8.8epss 0.02

    A vulnerability was determined in Tenda CH22 1.0.0.1. Affected is the function formWebTypeLibrary of the file /goform/webtypelibrary of the component Parameter Handler. This manipulation of the argument webSiteId causes stack-based buffer overflow. The attack can be initiated…

  • CVE-2026-5156HigMar 31, 2026
    risk 0.57cvss 8.8epss 0.01

    A vulnerability was determined in Tenda CH22 1.0.0.1. This impacts the function formQuickIndex of the file /goform/QuickIndex of the component Parameter Handler. This manipulation of the argument mit_linktype causes stack-based buffer overflow. The attack is possible to be…

  • CVE-2026-5155HigMar 30, 2026
    risk 0.57cvss 8.8epss 0.01

    A vulnerability was found in Tenda CH22 1.0.0.1. This affects the function fromAdvSetWan of the file /goform/AdvSetWan of the component Parameter Handler. The manipulation of the argument wanmode results in stack-based buffer overflow. The attack can be executed remotely. The…

  • CVE-2026-5154HigMar 30, 2026
    risk 0.57cvss 8.8epss 0.01

    A vulnerability has been found in Tenda CH22 1.0.0.1/1.If. The impacted element is the function fromSetCfm of the file /goform/setcfm of the component Parameter Handler. The manipulation of the argument funcname leads to stack-based buffer overflow. Remote exploitation of the…

  • CVE-2026-5152HigMar 30, 2026
    risk 0.57cvss 8.8epss 0.01

    A vulnerability was detected in Tenda CH22 1.0.0.1. Impacted is the function formCreateFileName of the file /goform/createFileName. Performing a manipulation of the argument fileNameMit results in stack-based buffer overflow. The attack may be initiated remotely. The exploit is…

  • CVE-2025-5685HigJun 5, 2025
    risk 0.57cvss 8.8epss 0.01

    A vulnerability, which was classified as critical, was found in Tenda CH22 1.0.0.1. This affects the function formNatlimit of the file /goform/Natlimit. The manipulation of the argument page leads to stack-based buffer overflow. It is possible to initiate the attack remotely.…

  • CVE-2025-5619HigJun 4, 2025
    risk 0.57cvss 8.8epss 0.01

    A vulnerability, which was classified as critical, has been found in Tenda CH22 1.0.0.1. This issue affects the function formaddUserName of the file /goform/addUserName. The manipulation of the argument Password leads to stack-based buffer overflow. The attack may be initiated…

  • CVE-2025-12235HigOct 27, 2025
    risk 0.52cvss 8.0epss 0.05

    A vulnerability was found in Tenda CH22 1.0.0.1. This vulnerability affects the function fromSetIpBind of the file /goform/SetIpBind. The manipulation of the argument page results in buffer overflow. The attack must originate from the local network. The exploit has been made…

  • CVE-2026-5962HigApr 9, 2026
    risk 0.47cvss 7.3epss 0.01

    A vulnerability was detected in Tenda CH22 1.0.0.6(468). This issue affects the function R7WebsSecurityHandlerfunction of the component httpd. The manipulation results in path traversal. The attack may be launched remotely. The exploit is now public and may be used.

  • CVE-2025-15076HigDec 25, 2025
    risk 0.47cvss 7.3epss 0.01

    A weakness has been identified in Tenda CH22 1.0.0.1. Impacted is an unknown function of the file /public/. Executing a manipulation can lead to path traversal. The attack can be launched remotely. The exploit has been made available to the public and could be used for attacks.

  • CVE-2026-5153MedMar 30, 2026
    risk 0.41cvss 6.3epss 0.03

    A flaw has been found in Tenda CH22 1.0.0.1. The affected element is the function FormWriteFacMac of the file /goform/WriteFacMac. Executing a manipulation of the argument mac can lead to command injection. The attack may be launched remotely. The exploit has been published and…

  • CVE-2025-15229Dec 30, 2025
    risk 0.00cvss epss 0.04

    A vulnerability has been found in Tenda CH22 up to 1.0.0.1. Affected by this vulnerability is the function fromDhcpListClient of the file /goform/DhcpListClient. Such manipulation of the argument LISTLEN leads to denial of service. The attack may be launched remotely. The…

  • CVE-2025-14526Dec 11, 2025
    risk 0.00cvss epss 0.01

    A security flaw has been discovered in Tenda CH22 1.0.0.1. This affects the function frmL7ImForm of the file /goform/L7Im. Performing a manipulation of the argument page results in buffer overflow. Remote exploitation of the attack is possible. The exploit has been released to…

  • CVE-2025-13400Nov 19, 2025
    risk 0.00cvss epss 0.01

    A vulnerability was detected in Tenda CH22 1.0.0.1. Affected is the function formWrlExtraGet of the file /goform/WrlExtraGet. Performing a manipulation of the argument chkHz results in buffer overflow. Remote exploitation of the attack is possible. The exploit is now public and…

  • CVE-2025-13288Nov 17, 2025
    risk 0.00cvss epss 0.01

    A security vulnerability has been detected in Tenda CH22 1.0.0.1. This impacts the function fromPptpUserSetting of the file /goform/PPTPUserSetting. The manipulation of the argument delno leads to buffer overflow. The attack is possible to be carried out remotely. The exploit…

Page 1 of 2