Skip to main content

Ch22

1 CVEs product

Monthly

CVE-2026-15543 HIGH POC This Week

Buffer overflow in the Tenda CH22 router (firmware 1.0.0.1) allows a remote, authenticated attacker to corrupt memory by supplying an overlong 'Name' argument to the formCertListInfo function in the /goform/CertListInfo endpoint. The flaw was disclosed by VulDB with publicly available exploit code, and the CVSS 4.0 score of 8.7 reflects high confidentiality, integrity, and availability impact. No public exploit identified in CISA KEV, so this is a proof-of-concept-stage issue rather than confirmed in-the-wild abuse.

Tenda Buffer Overflow Ch22
NVD VulDB
CVSS 4.0
7.4
EPSS
0.5%
EPSS 0% CVSS 7.4
HIGH POC This Week

Buffer overflow in the Tenda CH22 router (firmware 1.0.0.1) allows a remote, authenticated attacker to corrupt memory by supplying an overlong 'Name' argument to the formCertListInfo function in the /goform/CertListInfo endpoint. The flaw was disclosed by VulDB with publicly available exploit code, and the CVSS 4.0 score of 8.7 reflects high confidentiality, integrity, and availability impact. No public exploit identified in CISA KEV, so this is a proof-of-concept-stage issue rather than confirmed in-the-wild abuse.

Tenda Buffer Overflow Ch22
NVD VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy