CVE-2025-12273

📊 7.4 HIGH⚡ 0.1%🎯 0 exploits

📅 Published Oct 27, 2025

📋 Status: Analyzed

A weakness has been identified in Tenda CH22 1.0.0.1. Affected is the function fromwebExcptypemanFilter of the file /goform/webExcptypemanFilter. Executing manipulation of the argument page can lead to buffer overflow. The attack may be launched remotely. The exploit has been made available to the public and could be exploited.

CVSS v3.1 • [email protected]

🎯 Affected Products & Systems

2 product configurations affected

Filter by type:

Type	Vendor	Product	Version Range	Status	CPE String
💻OS	tenda	ch22 firmware	1.0.0.1	Vulnerable	cpe:2.3:o:tenda:ch22_firmware:1.0.0.1:::::::*
🔧HW	tenda	ch22	All versions	Not Vulnerable	cpe:2.3:h:tenda:ch22::::::::

💻

tenda / ch22 firmware

Operating System

Vulnerable

Version: 1.0.0.1

CPE:

cpe:2.3:o:tenda:ch22_firmware:1.0.0.1:*:*:*:*:*:*:*

🔧

tenda / ch22

Hardware

Safe

Version: All versions

CPE:

cpe:2.3:h:tenda:ch22:*:*:*:*:*:*:*:*

Metrics

7.4 HIGHCVSS v4.0[email protected]

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

🔍 Technical Details

Analysis Status

Analyzed

CVSS Details

7.4 (HIGH)v4.0

Source: [email protected]

EPSS Details

0.1% (Minimal)34.1th percentile

Last updated: Oct 30, 2025

Exploitation probability within 30 days

Published Date

Oct 27, 2025 (5 days ago)

Last Modified

Oct 28, 2025 (4 days ago)

Security Weaknesses2

CWE-119CWE-120

References5

NVDgeneralgeneral+2