Description
A vulnerability was found in Tenda CH22 1.0.0.1. This impacts the function formCertListInfo of the file /goform/CertListInfo. The manipulation of the argument Name results in buffer overflow. The attack can be launched remotely. The exploit has been made public and could be used.
Problem types
Product status
Timeline
| 2026-07-12: | Advisory disclosed |
| 2026-07-12: | VulDB entry created |
| 2026-07-12: | VulDB entry last update |
Credits
ysnysn0121 (VulDB User)
References
vuldb.com/vuln/377893 (VDB-377893 | Tenda CH22 CertListInfo formCertListInfo buffer overflow)
vuldb.com/vuln/377893/cti (VDB-377893 | CTI Indicators (IOB, IOC, IOA))
vuldb.com/cve/CVE-2026-15543 (CVE-2026-15543 | CVE Analysis and Report)
vuldb.com/submit/855077 (Submit #855077 | Tenda CH22 V1.0.0.1 Buffer Overflow)
candle-throne-f75.notion.site/...0aa11858088aabaeb0f5e1909c9
www.tenda.com.cn/