CVE-2023-49434
CVE-2023-49434 affects Tenda AX9 (firmware v22.03.01.46). The vulnerability is a buffer/stack overflow in the /goform/SetNetControlList endpoint, triggered by the input length of the “list” parameter not being properly validated. Exploitation could allow a remote attacker to execute arbitrary cod...