CVE Alert: CVE-2025-12235 - Tenda - CH22

CVE-2025-12235

HIGHNo exploitation known

A vulnerability was found in Tenda CH22 1.0.0.1. This vulnerability affects the function fromSetIpBind of the file /goform/SetIpBind. The manipulation of the argument page results in buffer overflow. The attack must originate from the local network. The exploit has been made public and could be used.

CVSS v3.1 (8)

Vendor

Tenda

Product

CH22

Versions

1.0.0.1

CWE

CWE-120, Buffer Overflow

Vector

CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R

Published

2025-10-27T06:22:44.013Z

Updated

2025-10-27T06:22:44.013Z

References

https://vuldb.com/?id.329905

https://vuldb.com/?ctiid.329905

https://vuldb.com/?submit.673720

https://github.com/QIU-DIE/CVE/issues/16

https://www.tenda.com.cn/

AI Summary Analysis

Risk verdict

High risk on local networks due to a publicly available exploit and adjacent-network access requirements; patching should be prioritised.

Why this matters

Exploitation could yield arbitrary code execution or device instability with high impact on availability, integrity, and confidentiality. In practice, an attacker on the LAN could compromise the device, potentially persisting or pivoting to other devices on the same network, disrupting services and undermining network trust.

Most likely attack path

An attacker within the local network can trigger the overflow through crafted input, taking advantage of low attack complexity and a need for only limited privileges with no user interaction. The impact pattern is device-level compromise, with high potential for persistent access or reputation-related risk, but lateral reach is likely constrained to the device itself unless misconfigurations exist.

Who is most exposed

Devices deployed in residential or small-office networks with accessible management interfaces on the LAN are most at risk, especially where admin access is not tightly restricted to trusted hosts.

Detection ideas

Look for crashes/reboots or memory corruption events tied to management interface activity.
Detect anomalous or oversized inputs to management endpoints from LAN hosts.
Monitor spikes in CPU/memory on the device concurrent with specific URL or parameter usage.
Identify repeated failed or unusual access attempts from adjacent network sources.
Correlate syslog/SNMP traps with device instability after connection from local hosts.

Mitigation and prioritisation

Apply vendor firmware patch or upgrade to a non-affected version as soon as available.
Restrict management access to trusted LAN hosts; disable or severely limit remote management.
Implement network segmentation and firewall rules to isolate the device from untrusted segments.
Enable detailed logging and centralised alerts for device crashes and management-portal activity.
Plan testing in a controlled environment before broad deployment; communicate patch windows to affected teams.

Support Our Work

A considerable amount of time and effort goes into maintaining this website, creating backend automation and creating new features and content for you to make actionable intelligence decisions. Everyone that supports the site helps enable new functionality.

If you like the site, please support us on Patreon or Buy Me A Coffee using the buttons below.

AI APIs OSINT driven New features

Buy Me A Coffee Patreon

Tags: ch22, CVE, cve-2025-12235, OSINT, tenda, threatintel