Lucene search

Ax9 Firmware Security Vulnerabilities - 2023

cve

CVE-2023-49429

Tenda AX9 V22.03.01.46 was discovered to contain a SQL command injection vulnerability in the 'setDeviceInfo' feature through the 'mac' parameter at /goform/setModules.

9.8CVSS

9.8AI Score

0.01EPSS

2023-12-07 04:15 PM

cve

CVE-2023-49430

Tenda AX9 V22.03.01.46 has been found to contain a stack overflow vulnerability in the 'list' parameter at /goform/SetStaticRouteCfg.

9.8CVSS

9.4AI Score

0.001EPSS

2023-12-07 04:15 PM

cve

CVE-2023-49431

Tenda AX9 V22.03.01.46 has been discovered to contain a command injection vulnerability in the 'mac' parameter at /goform/SetOnlineDevName.

9.8CVSS

9.7AI Score

0.04EPSS

2023-12-07 04:15 PM

cve

CVE-2023-49432

Tenda AX9 V22.03.01.46 has been found to contain a stack overflow vulnerability in the 'deviceList' parameter at /goform/setMacFilterCfg.

9.8CVSS

9.4AI Score

0.001EPSS

2023-12-07 04:15 PM

cve

CVE-2023-49433

Tenda AX9 V22.03.01.46 has been found to contain a stack overflow vulnerability in the 'list' parameter at /goform/SetVirtualServerCfg.

9.8CVSS

9.4AI Score

0.001EPSS

2023-12-07 04:15 PM

cve

CVE-2023-49434

Tenda AX9 V22.03.01.46 has been found to contain a stack overflow vulnerability in the 'list' parameter at /goform/SetNetControlList.

9.8CVSS

9.4AI Score

0.001EPSS

2023-12-07 04:15 PM

cve

CVE-2023-49435

Tenda AX9 V22.03.01.46 is vulnerable to command injection.

9.8CVSS

9.6AI Score

0.04EPSS

2023-12-07 04:15 PM

cve

CVE-2023-49436

Tenda AX9 V22.03.01.46 has been discovered to contain a command injection vulnerability in the 'list' parameter at /goform/SetNetControlList.

9.8CVSS

9.7AI Score

0.04EPSS

2023-12-07 04:15 PM