Product:

Ax12_firmware

(Tenda)
Repositories

Unknown:

This might be proprietary software.
#Vulnerabilities 25
Date Id Summary Products Score Patch Annotated
2022-12-12 CVE-2022-45977 Tenda AX12 V22.03.01.21_CN was found to have a command injection vulnerability via /goform/setMacFilterCfg function. Ax12_firmware 8.8
2022-12-12 CVE-2022-45979 Tenda AX12 v22.03.01.21_CN was discovered to contain a stack overflow via the ssid parameter at /goform/fast_setting_wifi_set . Ax12_firmware 7.5
2022-12-12 CVE-2022-45980 Tenda AX12 V22.03.01.21_CN was discovered to contain a Cross-Site Request Forgery (CSRF) via /goform/SysToolRestoreSet . Ax12_firmware 8.8
2023-01-05 CVE-2022-45995 There is an unauthorized buffer overflow vulnerability in Tenda AX12 v22.03.01.21 _ cn. This vulnerability can cause the web service not to restart or even execute arbitrary code. It is a different vulnerability from CVE-2022-2414. Ax12_firmware 9.8
2023-12-07 CVE-2023-49424 Tenda AX12 V22.03.01.46 was discovered to contain a stack overflow via the list parameter at /goform/SetVirtualServerCfg. Ax12_firmware 9.8
2023-12-07 CVE-2023-49425 Tenda AX12 V22.03.01.46 was discovered to contain a stack overflow via the deviceList parameter at /goform/setMacFilterCfg . Ax12_firmware 9.8
2023-12-07 CVE-2023-49426 Tenda AX12 V22.03.01.46 was discovered to contain a stack overflow via the list parameter at /goform/SetStaticRouteCfg. Ax12_firmware 9.8
2023-12-07 CVE-2023-49428 Tenda AX12 V22.03.01.46 has been discovered to contain a command injection vulnerability in the 'mac' parameter at /goform/SetOnlineDevName. Ax12_firmware 9.8
2023-12-07 CVE-2023-49437 Tenda AX12 V22.03.01.46 has been discovered to contain a command injection vulnerability in the 'list' parameter at /goform/SetNetControlList. Ax12_firmware 9.8
2024-01-10 CVE-2023-49427 Buffer Overflow vulnerability in Tenda AX12 V22.03.01.46, allows remote attackers to cause a denial of service (DoS) via list parameter in SetNetControlList function. Ax12_firmware 7.5