ГлавнаяУязвимости → CVE-2025-9443
8.8высокая

CVE-2025-9443

Описание

A flaw has been found in Tenda CH22 1.0.0.1. This vulnerability affects the function formeditUserName of the file /goform/editUserName. Executing manipulation of the argument new_account can lead to buffer overflow. It is possible to launch the attack remotely. The exploit has been published and may be used.

Затрагиваемое ПО
Tenda Ch22 firmwareTenda Ch22
CVSS
Балл8.8 — высокая
ВекторCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Источники
https://github.com/moweizhang1994/cve/issues/4https://vuldb.com/?ctiid.321281https://vuldb.com/?id.321281https://vuldb.com/?submit.634271https://www.tenda.com.cn/https://github.com/moweizhang1994/cve/issues/4