Ax12 Firmware@22.03.01.21 cn Security Vulnerabilities and Issues — Ax12 Firmware@22.03.01.21 cn CVE List

Lucene search

TendaAx12 Firmware22.03.01.21 cn

12 matches found

CVE•added 2022/05/03 4:15 p.m.•117 views

CVE-2022-28561

There is a stack overflow vulnerability in the /goform/setMacFilterCfg function in the httpd service of Tenda ax12 22.03.01.21_cn router. An attacker can obtain a stable shell through a carefully constructed payload

10CVSS9.5AI score0.0239EPSS

CVE•added 2022/05/04 2:15 p.m.•67 views

CVE-2022-28082

Tenda AX12 v22.03.01.21_CN was discovered to contain a stack overflow via the list parameter at /goform/SetNetControlList.

9.8CVSS9.6AI score0.02427EPSS

CVE•added 2022/04/25 4:16 p.m.•63 views

CVE-2022-27375

Tenda AX12 V22.03.01.21_CN was discovered to contain a Cross-Site Request Forgery (CSRF) via the function sub_422168 at /goform/WifiExtraSet.

7.1CVSS6.6AI score0.00101EPSS

CVE•added 2022/02/14 5:15 p.m.•62 views

CVE-2021-45392

A Buffer Overflow vulnerability exists in Tenda Router AX12 V22.03.01.21_CN in the sub_422CE4 function in page /goform/setIPv6Status via the prefixDelegate parameter, which causes a Denial of Service.

7.8CVSS7.5AI score0.03105EPSS

CVE•added 2022/02/16 2:15 p.m.•59 views

CVE-2021-45391

A Buffer Overflow vulnerability exists in Tenda Router AX12 V22.03.01.21_CN in the sub_422CE4 function in the goform/setIPv6Status binary file /usr/sbin/httpd via the conType parameter, which causes a Denial of Service.

7.5CVSS7.5AI score0.01EPSS

CVE•added 2022/04/25 4:16 p.m.•56 views

CVE-2022-27374

Tenda AX12 V22.03.01.21_CN was discovered to contain a Cross-Site Request Forgery (CSRF) via the function sub_42E328 at /goform/SysToolReboot.

7.1CVSS6.6AI score0.00101EPSS

CVE•added 2022/12/12 3:15 p.m.•53 views

CVE-2022-45979

Tenda AX12 v22.03.01.21_CN was discovered to contain a stack overflow via the ssid parameter at /goform/fast_setting_wifi_set .

7.5CVSS7.7AI score0.00084EPSS

CVE•added 2022/05/18 4:15 p.m.•52 views

CVE-2022-28917

Tenda AX12 v22.03.01.21_cn was discovered to contain a stack overflow via the lanIp parameter in /goform/AdvSetLanIp.

7.8CVSS7.7AI score0.00409EPSS

CVE•added 2022/08/25 4:15 p.m.•49 views

CVE-2022-37292

Tenda AX12 V22.03.01.21_CN is vulnerable to Buffer Overflow. This overflow is triggered in the sub_42FDE4 function, which satisfies the request of the upper-level interface function sub_430124, that is, handles the post request under /goform/SetIpMacBind.

5.5CVSS5.6AI score0.00049EPSS

CVE•added 2022/12/12 3:15 p.m.•48 views

CVE-2022-45980

Tenda AX12 V22.03.01.21_CN was discovered to contain a Cross-Site Request Forgery (CSRF) via /goform/SysToolRestoreSet .

8.8CVSS8.8AI score0.06293EPSS

CVE•added 2023/01/05 2:15 p.m.•48 views

CVE-2022-45995

There is an unauthorized buffer overflow vulnerability in Tenda AX12 v22.03.01.21 _ cn. This vulnerability can cause the web service not to restart or even execute arbitrary code. It is a different vulnerability from CVE-2022-2414.

9.8CVSS7.9AI score0.91576EPSS

CVE•added 2022/12/12 3:15 p.m.•42 views

CVE-2022-45977

Tenda AX12 V22.03.01.21_CN was found to have a command injection vulnerability via /goform/setMacFilterCfg function.

8.8CVSS8.8AI score0.02066EPSS