HIGHCVE-2025-15076CVSS 7.3

CVE-2025-15076: Path Traversal in Tenda CH22

Platform

other

Fixed in

1.0.1

AI Confidence: highNVDEPSS 0.1%Reviewed: May 2026

CVE-2025-15076 describes a Path Traversal vulnerability discovered in the Tenda CH22 router. This flaw allows a remote attacker to potentially access sensitive files and directories on the device. The vulnerability affects version 1.0.0.1 and has a public exploit available, increasing the risk of immediate exploitation. Due to the lack of a patch, mitigation strategies focus on network segmentation and monitoring.

Impact and Attack Scenarios

The Path Traversal vulnerability in Tenda CH22 allows an attacker to bypass access controls and read arbitrary files on the device's file system. This could expose configuration files, firmware images, or even user credentials stored on the router. Successful exploitation could lead to complete compromise of the device, enabling the attacker to modify settings, intercept network traffic, or use the router as a pivot point to attack other systems on the network. The availability of a public exploit significantly increases the likelihood of widespread exploitation.

Exploitation Context

The vulnerability is publicly known with a proof-of-concept available, indicating a high probability of exploitation. It has been added to the CISA KEV catalog, further highlighting the risk. Active campaigns targeting this vulnerability are possible, given the ease of exploitation and the device's widespread use in home and small office networks.

Threat Intelligence

Exploit Status

Proof of ConceptUnknown

CISA KEVNO

Internet ExposureHigh

NextGuard10–15% still vulnerable

EPSS

0.08% (23% percentile)

CISA SSVC

Exploitationpoc

Automatableyes

Technical Impact

Affected Software

VendorTenda

Affected rangeFixed in

1.0.0.1 – 1.0.0.11.0.1

Weakness Classification (CWE)

CWE-22

Timeline

Reserved2025-12-24
Published2025-12-25
Modified2026-02-24
EPSS updated2026-03-23

Unpatched — 150 days since disclosure

Mitigation and Workarounds

As a fix is not currently available, mitigation strategies are crucial. First, isolate the Tenda CH22 router from the internet by placing it behind a firewall or using network segmentation. Restrict access to the router's management interface to trusted networks only. Implement strict access control lists (ACLs) to limit inbound and outbound traffic. Regularly monitor router logs for suspicious activity, such as unusual file access attempts or unauthorized configuration changes. Consider replacing the vulnerable device with a more secure alternative.

How to fix

Actualizar el firmware del router Tenda CH22 a una versión que corrija la vulnerabilidad de path traversal. Consultar el sitio web del fabricante para obtener la última versión del firmware y las instrucciones de actualización.

CVE Security Newsletter

Vulnerability analysis and critical alerts directly to your inbox.

Frequently asked questions

What is CVE-2025-15076 — Path Traversal in Tenda CH22?

CVE-2025-15076 is a Path Traversal vulnerability in the Tenda CH22 router, allowing remote attackers to access unauthorized files.

Am I affected by CVE-2025-15076 in Tenda CH22?

If you are using Tenda CH22 version 1.0.0.1, you are potentially affected by this vulnerability.

How do I fix CVE-2025-15076 in Tenda CH22?

A patch is not currently available. Mitigation involves network segmentation, access control lists, and regular log monitoring.

Is CVE-2025-15076 being actively exploited?

Due to the public availability of a proof-of-concept, active exploitation is highly probable.

Where can I find the official Tenda advisory for CVE-2025-15076?

Please refer to Tenda's official website and security advisories for updates and further information regarding CVE-2025-15076.