CVE-2025-12265

CWE-119Buffer OverflowCWE-120Classic Buffer Overflow4 documents4 sources
Severity
7.4HIGH
EPSS
0.1%
top 67.07%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Tenda Ch22Tenda Ch22 Firmware
Timeline
PublishedOct 27

Description

A weakness has been identified in Tenda CH22 1.0.0.1. Affected by this issue is the function fromVirtualSer of the file /goform/VirtualSer. This manipulation of the argument page causes buffer overflow. Remote exploitation of the attack is possible. The exploit has been made available to the public and could be used for attacks.

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Affected Packages2 packages

CVEListV5tenda/ch221.0.0.1
NVDtenda/ch22_firmware1.0.0.1

🔴Vulnerability Details

2
GHSA
GHSA-g83h-p55w-5p3r: A weakness has been identified in Tenda CH22 12025-10-27
CVEList
Tenda CH22 VirtualSer fromVirtualSer buffer overflow2025-10-27

🔍Detection Rules

1
Suricata
ET WEB_SPECIFIC_APPS Tenda VirtualSer page Parameter Buffer Overflow Attempt (CVE-2025-12265)2025-10-27
CVE-2025-12265 (HIGH CVSS 7.4) | A weakness has been identified in T | cvebase.io