Vulnerability Database

318,638

Total vulnerabilities in the database

CVE-2025-15229

A vulnerability has been found in Tenda CH22 up to 1.0.0.1. Affected by this vulnerability is the function fromDhcpListClient of the file /goform/DhcpListClient. Such manipulation of the argument LISTLEN leads to denial of service. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

Published: Dec 30, 2025
Updated: Jan 8, 2026
CVE: CVE-2025-15229
Severity: Medium
Exploit:

CVSS v3:

Severity: Medium
Score: 5.3
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

CVSS v2:

Severity: Medium
Score: 5
AV:N/AC:L/Au:N/C:N/I:N/A:P

CWEs:

CWE-404

Affected Software
References

Software	From	Fixed in
tenda / ch22_firmware	-	1.0.0.1.x

https://github.com/master-abc/cve/issues/7
https://vuldb.com/?ctiid.338625
https://vuldb.com/?id.338625
https://vuldb.com/?submit.725472
https://www.tenda.com.cn/

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo