CVE-2022-27375
Tenda AX12 V22.03.01.21_CN firmware is affected by a Cross-Site Request Forgery (CSRF) vulnerability in the sub_422168 function at /goform/WifiExtraSet. The issue arises from insufficient validation of the request source, enabling an attacker to craft harmful requests that trick a logged-in (trus...