Description
A vulnerability was found in Tenda CH22 1.0.0.1. This affects the function fromAdvSetWan of the file /goform/AdvSetWan of the component Parameter Handler. The manipulation of the argument wanmode results in stack-based buffer overflow. The attack can be executed remotely. The exploit has been made public and could be used.
Published: 2026-03-30
Score: 8.7 High
EPSS: < 1% Very Low
KEV: No
Impact: Remote Code Execution
Action: Immediate Patch
AI Analysis

Impact

A stack-based buffer overflow exists in the fromAdvSetWan function of Tenda CH22 firmware 1.0.0.1. An attacker can supply a crafted wanmode argument to the /goform/AdvSetWan endpoint, corrupting the stack and allowing execution of arbitrary code on the device. This can compromise the confidentiality, integrity, and availability of the router.

Affected Systems

Only Tenda CH22 units running firmware version 1.0.0.1 are identified as vulnerable. No other brands or models are mentioned in the CVE data.

Risk and Exploitability

The CVSS score of 8.7 signals a high severity vulnerability. The description states that the exploit can be performed remotely via the device’s web interface, and a public exploit has already been released. The EPSS value is unavailable and the vulnerability is not included in the CISA KEV catalog, but the known public exploit and high score suggest a non‑negligible likelihood of real‑world exploitation.

Generated by OpenCVE AI on March 31, 2026 at 05:56 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Verify the device firmware version; if it is 1.0.0.1 or earlier, upgrade to the latest firmware available from Tenda.
  • If an official patch is not yet released, block external access to the router’s web interface (e.g., apply firewall rules or disable WAN access to the router admin pages).
  • Monitor traffic for requests to /goform/AdvSetWan and look for anomalous patterns that could indicate exploitation attempts.
  • Contact Tenda support or review the vendor’s website for a patch or advisory regarding this flaw.


Advisories

No advisories yet.

History

Wed, 01 Apr 2026 02:15:00 +0000

Type | Values Removed | Values Added
First Time appeared | | Tenda ch22
Vendors & Products | | Tenda ch22

Tue, 31 Mar 2026 03:00:00 +0000

Type | Values Removed | Values Added
Description | | A vulnerability was found in Tenda CH22 1.0.0.1. This affects the function fromAdvSetWan of the file /goform/AdvSetWan of the component Parameter Handler. The manipulation of the argument wanmode results in stack-based buffer overflow. The attack can be executed remotely. The exploit has been made public and could be used.
Title | | Tenda CH22 Parameter AdvSetWan fromAdvSetWan stack-based overflow
First Time appeared | | Tenda; Tenda ch22 Firmware
Weaknesses | | CWE-119; CWE-121
CPEs | | cpe:2.3:o:tenda:ch22_firmware:*:*:*:*:*:*:*:*
Vendors & Products | | Tenda; Tenda ch22 Firmware
References | |
Metrics | | cvssV2_0: {'score': 9, 'vector': 'AV:N/AC:L/Au:S/C:C/I:C/A:C/E:POC/RL:ND/RC:UR'}
Metrics | | cvssV3_0: {'score': 8.8, 'vector': 'CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R'}
Metrics | | cvssV3_1: {'score': 8.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R'}
Metrics | | cvssV4_0: {'score': 8.7, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P'}

MITRE

Status: PUBLISHED

Assigner: VulDB

Published:

Updated: 2026-03-30T22:30:18.299Z

Reserved: 2026-03-30T13:33:12.593Z

Link: CVE-2026-5155

Vulnrichment

No data.

NVD

Status: Received

Published: 2026-03-30T23:17:05.123

Modified: 2026-03-30T23:17:05.123

Link: CVE-2026-5155

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-03-31T20:39:48Z

Weaknesses