📦

ch22

Vendor: tenda

Login to add this product to WatchStack
Actively Exploited 0 CISA KEV List
PoC / Exploits 0 Code Available
Total RCEs 1 Remote Access
Total CVEs 83 Total Indexed
Avg. EPSS 0.38% Exploit Prob.
Latest CVE CVE-2026-5962 Apr 09

Security Vulnerability Index

Page 4 / 9
8.7 CVSS
CVE-2025-9748

A vulnerability was determined in Tenda CH22 1.0.0.1. Affected by this issue is the function fromIpsecitem of the file /goform/IPSECsave of the component httpd. Executing manipulation of the argument ipsecno can lead to stack-based buffer overflow. The attack may be performed from remote.

EPSS: 0.30%
7.4 CVSS
CVE-2025-9443

A flaw has been found in Tenda CH22 1.0.0.1. This vulnerability affects the function formeditUserName of the file /goform/editUserName. Executing manipulation of the argument new_account can lead to buffer overflow. It is possible to launch the attack remotely. The exploit has been published and may be used.

EPSS: 0.36%
7.4 CVSS
CVE-2025-9007

A vulnerability has been found in Tenda CH22 1.0.0.1. Affected by this issue is the function formeditFileName of the file /goform/editFileName. The manipulation leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

EPSS: 0.39%
7.4 CVSS
CVE-2025-9006

A vulnerability was identified in Tenda CH22 1.0.0.1. Affected by this vulnerability is the function formdelFileName of the file /goform/delFileName. The manipulation leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

EPSS: 0.39%
7.4 CVSS
CVE-2025-8180

A vulnerability, which was classified as critical, has been found in Tenda CH22 1.0.0.1. Affected by this issue is the function formdeleteUserName of the file /goform/deleteUserName. The manipulation of the argument old_account leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

EPSS: 1.55%
8.7 CVSS
CVE-2025-5685

A vulnerability, which was classified as critical, was found in Tenda CH22 1.0.0.1. This affects the function formNatlimit of the file /goform/Natlimit. The manipulation of the argument page leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

EPSS: 0.93%
8.7 CVSS
CVE-2025-5619

A vulnerability, which was classified as critical, has been found in Tenda CH22 1.0.0.1. This issue affects the function formaddUserName of the file /goform/addUserName. The manipulation of the argument Password leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

EPSS: 1.65%
9.8 CVSS
CVE-2024-46045

Tenda CH22 V1.0.0.6(468) has a stack overflow vulnerability located in the frmL7PlotForm function.

EPSS: 0.34%
9.8 CVSS
CVE-2024-46044

CH22 V1.0.0.6(468) has a stack overflow vulnerability located in the fromqossetting function.

EPSS: 0.13%