216.73.217.86

CVE-2025-9812

· Published 02/09/2025 03:15 · Modified 02/09/2025 15:55

Labels: CVE-2025-9812 2025-09-02CVE-2025-9812CWE-119[email protected]

Essential information

Published
02/09/2025 03:15
Modified
02/09/2025 15:55
Author
Creator
CVSS
7.4 HIGH (v3) 7.4 HIGH (v4.0)
CISA KEV
No
CWE
CVSS vector

CVSS metrics

Description

A vulnerability was determined in Tenda CH22 1.0.0.1. This vulnerability affects the function formexeCommand of the file /goform/exeCommand. Executing manipulation of the argument cmdinput can lead to buffer overflow. The attack may be performed from remote. The exploit has been publicly disclosed and may be utilized.

NVD status

Status
Awaiting Analysis — CVE has been recently published to the CVE List and has been received by the NVD.
Source
[email protected]
NVD
View on NVD

Affected products (CPE)

ProductCPE
tenda / ch22 cpe:2.3:a:tenda:ch22:1.0.0.1:*:*:*:*:*:*:*

References