A vulnerability was found in Tenda CH22 1.0.0.1. This affects the function formSafeEmailFilter of the file /goform/SafeEmailFilter. Performing manipulation of the argument page results in memory corruption. The attack is possible to be carried out remotely. The exploit has been made public and could be used.
References
| Link | Resource |
|---|---|
| https://github.com/f000x0/cve/issues/7 | Exploit Third Party Advisory Issue Tracking |
| https://vuldb.com/?ctiid.327358 | Permissions Required VDB Entry |
| https://vuldb.com/?id.327358 | Third Party Advisory VDB Entry |
| https://vuldb.com/?submit.666009 | Third Party Advisory VDB Entry |
| https://www.tenda.com.cn/ | Product |
Configurations
Configuration 1 (hide)
| AND |
|
History
14 Oct 2025, 20:16
| Type | Values Removed | Values Added |
|---|---|---|
| References | () https://github.com/f000x0/cve/issues/7 - Exploit, Third Party Advisory, Issue Tracking | |
| References | () https://vuldb.com/?ctiid.327358 - Permissions Required, VDB Entry | |
| References | () https://vuldb.com/?id.327358 - Third Party Advisory, VDB Entry | |
| References | () https://vuldb.com/?submit.666009 - Third Party Advisory, VDB Entry | |
| References | () https://www.tenda.com.cn/ - Product | |
| CPE | cpe:2.3:h:tenda:ch22:-:*:*:*:*:*:*:* cpe:2.3:o:tenda:ch22_firmware:1.0.0.1:*:*:*:*:*:*:* |
|
| First Time |
Tenda
Tenda ch22 Firmware Tenda ch22 |
08 Oct 2025, 02:15
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2025-10-08 02:15
Updated : 2025-10-14 20:16
NVD link : CVE-2025-11423
Mitre link : CVE-2025-11423
CVE.ORG link : CVE-2025-11423
JSON object : View
Products Affected
tenda
- ch22
- ch22_firmware
CWE
CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer