CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

RedhatCVE•added 2026/01/09 12:37 p.m.•5 views

CVE-2023-49429

Tenda AX9 V22.03.01.46 was discovered to contain a SQL command injection vulnerability in the 'setDeviceInfo' feature through the 'mac' parameter at /goform/setModules...

9.8CVSS8.3AI score0.01882EPSS

RedhatCVE•added 2026/01/09 12:36 p.m.•9 views

CVE-2023-49432

Tenda AX9 V22.03.01.46 has been found to contain a stack overflow vulnerability in the 'deviceList' parameter at /goform/setMacFilterCfg...

9.8CVSS7.4AI score0.00127EPSS

RedhatCVE•added 2026/01/09 12:36 p.m.•8 views

CVE-2023-49436

Tenda AX9 V22.03.01.46 has been discovered to contain a command injection vulnerability in the 'list' parameter at /goform/SetNetControlList...

9.8CVSS8AI score0.04421EPSS

RedhatCVE•added 2026/01/09 12:36 p.m.•6 views

CVE-2023-49433

Tenda AX9 V22.03.01.46 has been found to contain a stack overflow vulnerability in the 'list' parameter at /goform/SetVirtualServerCfg...

9.8CVSS7.5AI score0.00282EPSS

RedhatCVE•added 2026/01/09 12:35 p.m.•3 views

CVE-2023-49431

Tenda AX9 V22.03.01.46 has been discovered to contain a command injection vulnerability in the 'mac' parameter at /goform/SetOnlineDevName...

9.8CVSS7.9AI score0.01975EPSS

RedhatCVE•added 2025/12/14 7:5 p.m.•3 views

CVE-2025-14636

A security flaw has been discovered in Tenda AX9 22.03.01.46. This affects the function imagecheck of the component httpd. The manipulation results in use of weak hash. It is possible to launch the attack remotely. A high complexity level is associated with this attack. It is indicated that the...

EUVD•added 2025/12/13 9:30 p.m.•4 views

EUVD-2025-203271

6.3CVSS4.4AI score0.0008EPSS

Exploits1References6

NVD•added 2025/12/13 7:15 p.m.•2 views

CVE-2025-14636

6.3CVSS0.0008EPSS

OSV•added 2025/12/13 7:15 p.m.•2 views

CVE-2025-14636

6.3CVSS5.2AI score0.0008EPSS

CVE•added 2025/12/13 7:2 p.m.•8 views

CVE-2025-14636

CVE-2025-14636 affects Tenda AX9 firmware version 22.03.01.46, where the httpd component's image_check uses a weak hash. This enables remote exploitation with high attack complexity, and the exploit is publicly available (proof-of-concept). No concrete remediation/version fix is provided in the s...

Exploits1References5Affected Software1

ATTACKERKB•added 2025/12/13 7:2 p.m.•2 views

CVE-2025-14636

6.3CVSS4.8AI score0.0008EPSS

Exploits1References5Affected Software1

Cvelist•added 2025/12/13 7:2 p.m.•23 views

CVE-2025-14636 Tenda AX9 httpd image_check weak hash

6.3CVSS0.0008EPSS

Vulnrichment•added 2025/12/13 7:2 p.m.•2 views

CVE-2025-14636 Tenda AX9 httpd image_check weak hash

Positive Technologies•added 2025/12/13 12:0 a.m.•5 views

PT-2025-51132

Name of the Vulnerable Software and Affected Versions Tenda AX9 version 22.03.01.46 Description A security flaw exists in the image check function within the httpd component of Tenda AX9 version 22.03.01.46. This issue involves the use of a weak hash, allowing for remote attacks. The attack is...

CNNVD•added 2025/12/13 12:0 a.m.•2 views

Exploits1References11

Tenda AX9 安全漏洞

Tenda AX9 is a Wi-Fi 6 router from Tenda China. A security vulnerability exists in Tenda AX9 version 22.03.01.46, which originates from the use of a weak hash in the imagecheck function in the httpd component, which could lead to remote attacks...

6.3CVSS5AI score0.0008EPSS

Exploits1References6

EUVD•added 2025/10/03 8:7 p.m.•3 views

EUVD-2023-53395

Malicious code in bioql PyPI...

9.8CVSS9.4AI score0.00127EPSS

EUVD•added 2025/10/03 8:7 p.m.•3 views

EUVD-2023-53400

Malicious code in bioql PyPI...

9.8CVSS9.4AI score0.04421EPSS