CVE-2025-11418 – Tenda CH22 HTTP Request AdvSetWrlsafeset formWrlsafeset stack-based overflow

CVE ID : CVE-2025-11418

Published : Oct. 8, 2025, 1:15 a.m. | 1 hour, 20 minutes ago

Description : A security vulnerability has been detected in Tenda CH22 up to 1.0.0.1. This issue affects the function formWrlsafeset of the file /goform/AdvSetWrlsafeset of the component HTTP Request Handler. The manipulation of the argument mit_ssid_index leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed publicly and may be used.

Severity: 10.0 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…