Lucene search
K

15 matches found

Prion
Prion
added 2022/12/12 3:15 p.m.23 views

Cross site request forgery (csrf)

Tenda AX12 V22.03.01.21CN was discovered to contain a Cross-Site Request Forgery CSRF via /goform/SysToolRestoreSet...

6.8CVSS8.8AI score0.07454EPSS
Exploits1References1Affected Software1
Prion
Prion
added 2022/12/12 3:15 p.m.25 views

Stack overflow

Tenda AX12 v22.03.01.21CN was discovered to contain a stack overflow via the ssid parameter at /goform/fastsettingwifiset...

5CVSS7.7AI score0.00815EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2022/12/12 12:0 a.m.30 views

CVE-2022-45980

Tenda AX12 V22.03.01.21CN was discovered to contain a Cross-Site Request Forgery CSRF via /goform/SysToolRestoreSet...

9.1AI score0.07454EPSS
Exploits1References1
CVE
CVE
added 2022/12/12 12:0 a.m.56 views

CVE-2022-45977

The CVE-2022-45977 entry concerns Tenda AX12 (V22.03.01.21_CN) with a command injection vulnerability exposed through the /goform/setMacFilterCfg endpoint. Affected component is the web/LAN management interface; root cause described as command injection in that function. The CVSSv3.1 scores indic...

8.8CVSS8.8AI score0.021EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2022/12/12 12:0 a.m.60 views

CVE-2022-45980

CVE-2022-45980 affects Tenda AX12 with firmware version V22.03.01.21_CN and is caused by a Cross-Site Request Forgery (CSRF) vulnerability on the /goform/SysToolRestoreSet endpoint. The NVD entry assigns a CVSS v3.1 base score of 8.8 (High) with NETWORK attack vector, LOW attack complexity, and u...

8.8CVSS8.8AI score0.07454EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2022/08/25 3:7 p.m.61 views

CVE-2022-37292

CVE-2022-37292 affects Tenda AX12 with version V22.03.01.21_CN and involves a buffer overflow in the sub_42FDE4 function, triggered by handling the POST request under /goform/SetIpMacBind via the upper-level sub_430124 interface. Public sources concur on the vulnerable component and endpoint, wit...

5.5CVSS5.6AI score0.00283EPSS
Exploits1References1Affected Software1
CNNVD
CNNVD
added 2022/08/25 12:0 a.m.4 views

Tenda AX12 缓冲区错误漏洞

Tenda AX12 is a dual-band Gigabit Wifi 6 wireless router from Tenda China. A security vulnerability exists in Tenda AX12 version V22.03.01.21CN, no detailed vulnerability details are available at this time...

5.5CVSS7AI score0.00283EPSS
Exploits1References2
NVD
NVD
added 2022/05/04 2:15 p.m.22 views

CVE-2022-28082

Tenda AX12 v22.03.01.21CN was discovered to contain a stack overflow via the list parameter at /goform/SetNetControlList...

9.8CVSS0.08645EPSS
Exploits1References1
Prion
Prion
added 2022/05/04 2:15 p.m.19 views

Stack overflow

Tenda AX12 v22.03.01.21CN was discovered to contain a stack overflow via the list parameter at /goform/SetNetControlList...

7.5CVSS9.6AI score0.08645EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2022/05/04 1:9 p.m.79 views

CVE-2022-28082

CVE-2022-28082 affects the Tenda AX12 router (v22.03.01.21_CN). The vulnerability is a stack overflow triggered by the list parameter at the HTTP endpoint /goform/SetNetControlList. The NVD metrics indicate a high to critical impact: CVSS v3.1 base score 9.8 (NETWORK, NONE privileges, user intera...

9.8CVSS9.6AI score0.08645EPSS
Exploits1References1Affected Software1
Prion
Prion
added 2022/04/25 4:16 p.m.20 views

Cross site request forgery (csrf)

Tenda AX12 V22.03.01.21CN was discovered to contain a Cross-Site Request Forgery CSRF via the function sub422168 at /goform/WifiExtraSet...

7.1CVSS6.6AI score0.0045EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2022/04/25 3:46 p.m.71 views

CVE-2022-27374

CVE-2022-27374 concerns the Tenda AX12 (V22.03.01.21_CN) router, where a Cross-Site Request Forgery (CSRF) vulnerability exists in the function sub_42E328 at /goform/SysToolReboot. This is reported across multiple sources (Red Hat, CNVD, CVE/NVD) and indicates an impact on availability (NVD CVSS:...

7.1CVSS6.6AI score0.00448EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2022/04/25 3:46 p.m.73 views

CVE-2022-27375

Tenda AX12 V22.03.01.21_CN firmware is affected by a Cross-Site Request Forgery (CSRF) vulnerability in the sub_422168 function at /goform/WifiExtraSet. The issue arises from insufficient validation of the request source, enabling an attacker to craft harmful requests that trick a logged-in (trus...

7.1CVSS6.6AI score0.0045EPSS
Exploits1References1Affected Software1
CNNVD
CNNVD
added 2022/04/25 12:0 a.m.5 views

Tenda AX12 跨站请求伪造漏洞

Tenda AX12 is a dual-band gigabit Wifi 6 wireless router from Tenda, China.Tenda AX12 V22.03.01.21CN is vulnerable to cross-site request spoofing. users, an attacker could use the vulnerability to spoof malicious requests to trick victims into clicking to perform sensitive operations...

7.1CVSS5.4AI score0.00448EPSS
Exploits1References3
CVE
CVE
added 2022/02/14 4:25 p.m.94 views

CVE-2021-45392

The CVE-2021-45392 issue affects Tenda Router AX12 (V22.03.01.21_CN). The vulnerability is a buffer overflow in the sub_422CE4 function of the /goform/setIPv6Status path, triggered via the prefixDelegate parameter, leading to Denial of Service. Connected sources (Red Hat, CNVD, CVE records) confi...

7.8CVSS7.5AI score0.12294EPSS
Exploits1References4Affected Software1
Rows per page
Query Builder