CVE Alert: CVE-2025-12233 – Tenda – CH22
CVE-2025-12233
HIGH
No exploitation known
A flaw has been found in Tenda CH22 1.0.0.1. It affects the function fromSafeUrlFilter of the file /goform/SafeUrlFilter. Manipulating the argument page can lead to a buffer overflow. The attack can be launched remotely. The exploit has been published and may be used.
CVSS v3.1 (8.8)
Vendor: Tenda
Product: CH22
Versions: 1.0.0.1
CWE: CWE-120, Buffer Overflow
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R
Published: 2025-10-27T06:22:17.626Z
Updated: 2025-10-27T06:22:17.626Z
References
AI Summary Analysis
Risk verdict
Why this matters
Most likely attack path
Who is most exposed
Detection ideas
- Unusual bursts of requests to /goform/SafeUrlFilter with long or malformed page parameters.
- System crashes, memory corruption signs, or reboot cycles logged by the device.
- Known exploit patterns or shellcode indicators in network payloads.
- Anomalous remote management access from uncommon networks or sources.
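One way to implement the first detection idea over proxy or web-gateway records, as an added example that is not part of the original alert or any vendor tooling. The record layout, the 8-character limit on page, the burst threshold and the sample records are all assumptions made for illustration.

```python
from collections import Counter
from urllib.parse import urlsplit, parse_qs

TARGET_PATH = "/goform/safeurlfilter"  # endpoint from the advisory, lower-cased
MAX_PAGE_LEN = 8      # assumption: a legitimate page value is a short number
BURST_THRESHOLD = 3   # assumption: hits per source that count as a burst


def is_target(url):
    """True when the request path is the affected endpoint."""
    return urlsplit(url).path.rstrip("/").lower() == TARGET_PATH


def classify(url, body=""):
    """Reasons a request to the endpoint looks suspicious (empty list if none)."""
    if not is_target(url):
        return []
    reasons = []
    # 'page' may arrive in the query string or in a form-encoded body.
    for raw in (urlsplit(url).query, body):
        for value in parse_qs(raw, keep_blank_values=True).get("page", []):
            if len(value) > MAX_PAGE_LEN:
                reasons.append(f"page length {len(value)} exceeds {MAX_PAGE_LEN}")
            elif not (value.isascii() and value.isdigit()):
                reasons.append(f"page value is not numeric: {value!r}")
    return reasons


def scan(records):
    """records: (source, url, body) tuples. Returns (alerts, bursty_sources)."""
    alerts, hits = [], Counter()
    for source, url, body in records:
        hits[source] += is_target(url)
        alerts += [(source, reason) for reason in classify(url, body)]
    bursty = sorted(s for s, n in hits.items() if n >= BURST_THRESHOLD)
    return alerts, bursty


# Constructed sample records (documentation IP ranges, not captured traffic).
SAMPLE = [
    ("192.0.2.10", "/goform/SafeUrlFilter?page=1", ""),
    ("192.0.2.10", "/goform/SafeUrlFilter", "page=2"),
    ("198.51.100.7", "/goform/SafeUrlFilter", "page=" + "A" * 300),
    ("198.51.100.7", "/goform/SafeUrlFilter?page=%00%ff", ""),
    ("198.51.100.7", "/goform/SafeUrlFilter?page=3", ""),
    ("203.0.113.5", "/index.html?page=" + "B" * 300, ""),
]
```

Tune MAX_PAGE_LEN and BURST_THRESHOLD against a baseline of legitimate management traffic before alerting on the results.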
Mitigation and prioritisation
- Apply the vendor patch to the fixed firmware as a matter of urgency; treat as priority 1 (public exploit present).
- If patching is not immediate: disable or tightly restrict remote management; enforce management only from trusted networks; implement firewall/WAF rules to block suspicious page parameters.
- Plan a firmware upgrade with change-management and test in a controlled environment before broader rollout.
- Enhance monitoring for the identified detection signals and verify integrity post-update.
