CVE-2026-5204 | Tenda CH22 1.0.0.1 Parameter /goform/webtypelibrary formWebTypeLibrary webSiteId stack-based overflow

Inserito da Angelo Barbosa | Mar 31, 2026 | CVE

A vulnerability was found in Tenda CH22 1.0.0.1. It has been classified as critical. Affected is the function formWebTypeLibrary of the file /goform/webtypelibrary of the component Parameter Handler. This manipulation of the argument webSiteId causes stack-based buffer overflow.

This vulnerability is handled as CVE-2026-5204. The attack can be initiated remotely. Additionally, an exploit exists.

CVE-2026-5204 | Tenda CH22 1.0.0.1 Parameter /goform/webtypelibrary formWebTypeLibrary webSiteId stack-based overflow

Post correlati

CVE-2025-64288 | Premmerce Plugin up to 1.3.19 on WordPress cross-site request forgery

CVE-2023-6828 | ARForms Plugin up to 1.5.8 on WordPress arf_http_referrer_url cross site scripting

CVE-2025-40340 | Linux Kernel up to 6.12.57/6.17.7 ttm_bo_vm_dummy_page privilege escalation

CVE-2024-9442 | faktorvier F4 Improvements Plugin up to 1.9.0 on WordPress SVG File Upload cross site scripting