CVE-2026-5605: Tenda CH22 Stack Overflow - HIGH
Plattform
linux
Komponente
tenda
CVE-2026-5605 describes a stack-based buffer overflow vulnerability discovered in the Tenda CH22 router, specifically within the /goform/WrlExtraSet file's formWrlExtraSet function. Successful exploitation allows a remote attacker to potentially execute arbitrary code on the affected system. This vulnerability impacts Tenda CH22 devices running versions 1.0.0 through 1.0.0.1, and a public exploit is already available, increasing the risk of active attacks. No official patch has been released at the time of publication.
So beheben
Kein offizieller Patch verfügbar. Prüfe auf Workarounds oder überwache auf Updates.
Häufig gestellte Fragen
What is CVE-2026-5605?
CVE-2026-5605 is a security vulnerability affecting the Tenda CH22 router. It's a stack-based buffer overflow that can be triggered remotely by manipulating the GO argument in the /goform/WrlExtraSet file, potentially allowing an attacker to execute code.
Am I affected by CVE-2026-5605?
You are likely affected if you are using a Tenda CH22 router running firmware versions 1.0.0 through 1.0.0.1. The vulnerability is remotely exploitable, so even if the router is accessible from the internet, it's at risk.
How can I fix or mitigate CVE-2026-5605?
Unfortunately, no official patch is currently available from Tenda to address this vulnerability. As a mitigation, consider isolating the affected router from the internet or implementing strict firewall rules to restrict access to the /goform/WrlExtraSet endpoint.
Abhängigkeiten automatisch überwachen
Werde benachrichtigt, wenn neue Schwachstellen deine Projekte betreffen. Für immer kostenlos.
Kostenlos starten