CVE-2025-12234
Published: 27 October 2025
Summary
CVE-2025-12234 is a high-severity Improper Restriction of Operations within the Bounds of a Memory Buffer (CWE-119) vulnerability in Tenda Ch22 Firmware. Its CVSS base score is 8.8 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked in the top 48.1% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-16 (Memory Protection).
Threat & Defense at a Glance
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)AI
Requires validating the 'page' argument in /goform/SafeMacFilter to ensure it conforms to expected format and length, directly preventing the buffer overflow exploitation.
Mandates timely flaw remediation by applying vendor patches or workarounds for the publicly disclosed buffer overflow in Tenda CH22 firmware version 1.0.0.1.
Enforces memory protections like address space randomization and non-executable memory to mitigate successful exploitation of the buffer overflow even if input validation fails.
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
Unauthenticated remote buffer overflow in the router's web interface (/goform/SafeMacFilter) enables exploitation of a public-facing application (T1190) for potential arbitrary code execution and denial-of-service through application crash or memory corruption (T1499.004).
NVD Description
A vulnerability has been found in Tenda CH22 1.0.0.1. This affects the function fromSafeMacFilter of the file /goform/SafeMacFilter. The manipulation of the argument page leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to…
more
the public and may be used.
Deeper analysisAI
CVE-2025-12234 is a buffer overflow vulnerability in Tenda CH22 firmware version 1.0.0.1. The flaw affects the fromSafeMacFilter function in the /goform/SafeMacFilter file, triggered by manipulation of the "page" argument.
The vulnerability is remotely exploitable over the network by attackers with low privileges, requiring low complexity and no user interaction. It carries a CVSS 3.1 base score of 8.8 (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H), enabling high impacts on confidentiality, integrity, and availability. Associated with CWE-119 and CWE-120, the exploit has been publicly disclosed and may be used.
VulDB advisories document the issue under ctiid.329904 and id.329904, with a related submission at submit.673718. A proof-of-concept is available in the GitHub repository QIU-DIE/CVE/issues/15. The vendor page at tenda.com.cn is referenced, but no specific patch or mitigation details are provided in the available sources.
The public disclosure of the exploit increases the risk of real-world attacks against affected Tenda CH22 devices.
Details
- CWE(s)