CVE-2026-5156
highA vulnerability was determined in Tenda CH22 1.0.0.1. This impacts the function formQuickIndex of the file /goform/QuickIndex of the component Parameter Handler. This manipulation of the argument mit_linktype causes stack-based buffer overflow. The attack is possible to be carried out remotely. The exploit has been publicly disclosed and may be utilized.
8.8
cvss
high
common vulnerability scoring system v3.1. measures intrinsic severity on a 0-10 scale.
epss
0.0008
kev
no
cisa known exploited vulnerabilities catalog. confirmed active exploitation.
CVSS 3.1
Common Vulnerability Scoring System v3.1
8.8
/ 10
HIGH
exploitability
Attack Vector
Network
Attack Vector (AV:N): exploitable remotely over the network — most dangerous. no physical or adjacent access needed.
Attack Complexity
Low
Attack Complexity (AC:L): no special conditions needed. attack can be reliably reproduced.
Privileges Required
Low
Privileges Required (PR:L): requires basic user-level access.
User Interaction
None
User Interaction (UI:N): no victim action needed. fully exploitable without user interaction.
impact
Scope
Unchanged
Scope (S:U): impact limited to the vulnerable component.
Confidentiality
High
Confidentiality (C:H): total information disclosure. attacker gains access to all data within the component.
Integrity
High
Integrity (I:H): complete data modification possible. attacker can modify any data.
Availability
High
Availability (A:H): total denial of service. attacker can fully shut down the resource.
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVSS 4.0
Common Vulnerability Scoring System v4.0
7.4
/ 10
HIGH
exploitability
Attack Vector
Network
Attack Vector (AV:N): exploitable remotely over the network — most dangerous. no physical or adjacent access needed.
Attack Complexity
Low
Attack Complexity (AC:L): no special conditions needed. attack can be reliably reproduced.
Attack Requirements
None
Attack Requirements (AT:N): no special deployment or execution conditions needed.
Privileges Required
Low
Privileges Required (PR:L): requires basic user-level access.
User Interaction
None
User Interaction (UI:N): no victim action needed. fully exploitable without user interaction.
vulnerable system impact
Vuln Confidentiality
High
Confidentiality (VC:H): total information disclosure. attacker gains access to all data within the component.
Vuln Integrity
High
Integrity (VI:H): complete data modification possible. attacker can modify any data.
Vuln Availability
High
Availability (VA:H): total denial of service. attacker can fully shut down the resource.
subsequent system impact
Sub Confidentiality
None
Subsequent Confidentiality: impact on data confidentiality of downstream/connected systems. Value: N (None)
Sub Integrity
None
Subsequent Integrity: impact on data integrity of downstream/connected systems. Value: N (None)
Sub Availability
None
Subsequent Availability: impact on service availability of downstream/connected systems. Value: N (None)
supplemental
exploit maturity: poc
Exploit Maturity: has a functional exploit been observed? Attacked = actively exploited. PoC = proof-of-concept exists. Unreported = no known exploit.
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
activity density
rdintel assessment
composite score from 15+ signals including exploitation status, epss probability, detection coverage, and community attention. 0-100 scale.
sign in to view full intelligence
pocs, detection rules, timeline, advisories, and more