CVE-2025-11423
Published: 08 October 2025
Description
Adversaries may exploit software vulnerabilities that can cause an application or system to crash and deny availability to users.
Security Summary
CVE-2025-11423 is a memory corruption vulnerability (CWE-119) affecting Tenda CH22 firmware version 1.0.0.1. The issue resides in the formSafeEmailFilter function within the /goform/SafeEmailFilter endpoint, where manipulation of the "page" argument triggers the corruption. Published on 2025-10-08, it carries a CVSS v3.1 base score of 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H), indicating critical severity with no requirements for authentication or user interaction.
The vulnerability enables remote exploitation without privileges, allowing unauthenticated attackers to send crafted requests to the affected endpoint. Successful exploitation results in high-impact compromise of confidentiality, integrity, and availability, potentially leading to full device control via memory corruption. A public exploit is available, increasing the risk of widespread abuse against exposed Tenda CH22 devices.
Advisories and details are documented in references including a GitHub issue at https://github.com/f000x0/cve/issues/7 and VulDB entries at https://vuldb.com/?ctiid.327358, https://vuldb.com/?id.327358, and https://vuldb.com/?submit.666009, with the vendor site at https://www.tenda.com.cn/. No specific patch or mitigation details are outlined in the available information.
Details
- CWE(s)
Affected Products
MITRE ATT&CK Enterprise Techniques
Why these techniques?
Unauthenticated buffer overflow in public-facing router web interface (/goform/SafeEmailFilter) enables remote exploitation for memory corruption, facilitating arbitrary code execution (T1190) or application crash/DoS (T1499.004).