CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2025-9748

A vulnerability was determined in Tenda CH22 1.0.0.1. Affected by this issue is the function fromIpsecitem of the file /goform/IPSECsave of the component httpd. Executing manipulation of the argument ipsecno can lead to stack-based buffer overflow. The attack may be performed from remote.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 13.7%

CVSS Severity

CVSS v3 Score 8.8

CVSS v2 Score 9.0

References

https://github.com/physicszq/Routers/tree/main/tmp/02
https://vuldb.com/?ctiid.322049
https://vuldb.com/?id.322049
https://vuldb.com/?submit.640422
https://www.tenda.com.cn/
https://github.com/physicszq/Routers/tree/main/tmp/02

Products affected by CVE-2025-9748

Tenda » Ch22 » Version: N/A

cpe:2.3:h:tenda:ch22:-
Tenda » Ch22 Firmware » Version: 1.0.0.1

cpe:2.3:o:tenda:ch22_firmware:1.0.0.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-9748

Products

Pricing

Contact Us