CVE 8.7 HIGH

Tenda CH22 P2pListFilter fromP2pListFilter buffer overflow_CVE-2025-12274

October 27, 2025 invoker category_cve

8.7 / 10

HIGH

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P

Description

A security vulnerability has been detected in Tenda CH22 1.0.0.1. Affected by this vulnerability is the function fromP2pListFilter of the file /goform/P2pListFilter. The manipulation of the argument page leads to buffer overflow. Remote exploitation of the attack is possible. The exploit has been disclosed publicly and may be used.

AI Analysis

Buffer overflow vulnerability in Tenda CH22 via the fromP2pListFilter function, allowing remote exploitation.

Basic Information

ID CVE-2025-12274

Source VulDB

Published Oct 27, 2025 at 12:32

Modified Oct 27, 2025 at 13:05

Affected Product

Vendor Tenda

Product CH22

Version 1.0.0.1

Affected Versions Tenda CH22 1.0.0.1

CWE Classification

CWE-120 CWE-119

AI Assessment

AI Score 8.7 / 10

AI Severity High

Vendor Tenda

Product CH22

Version 1.0.0.1

References

{
    "lastseen": "",
    "description": "A security vulnerability has been detected in Tenda CH22 1.0.0.1. Affected by this vulnerability is the function fromP2pListFilter of the file /goform/P2pListFilter. The manipulation of the argument page leads to buffer overflow. Remote exploitation of the attack is possible. The exploit has been disclosed publicly and may be used.",
    "published": "2025-10-27T12:32:12.399Z",
    "modified": "2025-10-27T13:05:48.770Z",
    "type": "cve",
    "title": "Tenda CH22 P2pListFilter fromP2pListFilter buffer overflow",
    "source": "VulDB",
    "references": "https://vuldb.com/?id.329946\nhttps://vuldb.com/?ctiid.329946\nhttps://vuldb.com/?submit.674165\nhttps://github.com/QIU-DIE/CVE/issues/23\nhttps://www.tenda.com.cn/",
    "id": "CVE-2025-12274",
    "bulletinFamily": "",
    "cwe": [
        "CWE-120",
        "CWE-119"
    ],
    "cvelist": null,
    "sourceData": "Tenda CH22 1.0.0.1",
    "sourceHref": "",
    "cvss": {
        "score": 8.7,
        "severity": "HIGH",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "CH22",
    "version": "1.0.0.1",
    "vendor": "Tenda",
    "ai_description": "Buffer overflow vulnerability in Tenda CH22 via the fromP2pListFilter function, allowing remote exploitation.",
    "ai_severity": "High",
    "ai_vendor": "Tenda",
    "ai_product": "CH22",
    "ai_version": "1.0.0.1",
    "ai_score": 8.7
}

💭 Join the Security Discussion ❌ Cancel Reply