3 matches found
CVE-2023-49429
Tenda AX9 V22.03.01.46 was discovered to contain a SQL command injection vulnerability in the 'setDeviceInfo' feature through the 'mac' parameter at /goform/setModules...
CVE-2023-49429
creationtimestamp| type| source ---|---|--- 2023-12-30 18:31:57+00:00| seen| https://t.me/ctinow/160944...
CVE-2023-49429
CVE-2023-49429 affects Tenda AX9, specifically version V22.03.01.46. Public records across multiple sources describe a SQL command injection in the /goform/setModules endpoint via the mac parameter in setDeviceInfo, enabling arbitrary command execution on successful exploitation. The vulnerabilit...