Sign-up

ID

VAR-202510-2330


CVE

CVE-2025-12274


TITLE

Tenda CH22 buffer overflow vulnerability in the fromP2pListFilter function

Trust: 0.6

sources: CNVD: CNVD-2025-27440

DESCRIPTION

A security vulnerability has been detected in Tenda CH22 1.0.0.1. Affected by this vulnerability is the function fromP2pListFilter of the file /goform/P2pListFilter. The manipulation of the argument page leads to buffer overflow. Remote exploitation of the attack is possible. The exploit has been disclosed publicly and may be used. The Tenda CH22 is a network device manufactured by Tenda, a Chinese company. This vulnerability stems from the fact that the `page` parameter of the function `fromP2pListFilter` in the file `/goform/P2pListFilter` fails to properly validate the length of the input data. Attackers could exploit this vulnerability to execute arbitrary code on the system or cause a denial-of-service attack

Trust: 1.44

sources: NVD: CVE-2025-12274 // CNVD: CNVD-2025-27440

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2025-27440

AFFECTED PRODUCTS

vendor:tendamodel:ch22scope:eqversion:1.0.0.1

Trust: 1.6

sources: CNVD: CNVD-2025-27440 // NVD: CVE-2025-12274

CVSS

SEVERITY

CVSSV2

CVSSV3

cna@vuldb.com: CVE-2025-12274
value: HIGH

Trust: 1.0

CNVD: CNVD-2025-27440
value: HIGH

Trust: 0.6

cna@vuldb.com: CVE-2025-12274
severity: HIGH
baseScore: 9.0
vectorString: AV:N/AC:L/AU:S/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 8.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

CNVD: CNVD-2025-27440
severity: HIGH
baseScore: 9.0
vectorString: AV:N/AC:L/AU:S/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 8.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

cna@vuldb.com: CVE-2025-12274
baseSeverity: HIGH
baseScore: 8.8
vectorString: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 2.8
impactScore: 5.9
version: 3.1

Trust: 1.0

sources: CNVD: CNVD-2025-27440 // NVD: CVE-2025-12274

PROBLEMTYPE DATA

problemtype:CWE-119

Trust: 1.0

problemtype:CWE-120

Trust: 1.0

sources: NVD: CVE-2025-12274

PATCH

title:Patch for Tenda CH22 buffer overflow vulnerability in the fromP2pListFilter functionurl:https://www.cnvd.org.cn/patchInfo/show/748311

Trust: 0.6

sources: CNVD: CNVD-2025-27440

EXTERNAL IDS

db:NVDid:CVE-2025-12274

Trust: 1.6

db:VULDBid:329946

Trust: 1.0

db:CNVDid:CNVD-2025-27440

Trust: 0.6

sources: CNVD: CNVD-2025-27440 // NVD: CVE-2025-12274

REFERENCES

url:https://github.com/qiu-die/cve/issues/23

Trust: 1.6

url:https://vuldb.com/?id.329946

Trust: 1.0

url:https://vuldb.com/?ctiid.329946

Trust: 1.0

url:https://vuldb.com/?submit.674165

Trust: 1.0

url:https://www.tenda.com.cn/

Trust: 1.0

sources: CNVD: CNVD-2025-27440 // NVD: CVE-2025-12274

SOURCES

db:CNVDid:CNVD-2025-27440
db:NVDid:CVE-2025-12274

LAST UPDATE DATE

2025-11-19T23:22:20.690000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2025-27440date:2025-11-10T00:00:00
db:NVDid:CVE-2025-12274date:2025-10-28T02:06:49.820

SOURCES RELEASE DATE

db:CNVDid:CNVD-2025-27440date:2025-10-31T00:00:00
db:NVDid:CVE-2025-12274date:2025-10-27T13:15:43.567