Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Tenda Subscribe
Filtered by product Ax12
Total 18 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-45995 1 Tenda 2 Ax12, Ax12 Firmware 2023-01-11 N/A 9.8 CRITICAL
There is an unauthorized buffer overflow vulnerability in Tenda AX12 v22.03.01.21 _ cn. This vulnerability can cause the web service not to restart or even execute arbitrary code. It is a different vulnerability from CVE-2022-2414.
CVE-2022-45043 1 Tenda 2 Ax12, Ax12 Firmware 2022-12-14 N/A 8.8 HIGH
Tenda AX12 V22.03.01.16_cn is vulnerable to command injection via goform/fast_setting_internet_set.
CVE-2022-45977 1 Tenda 2 Ax12, Ax12 Firmware 2022-12-14 N/A 8.8 HIGH
Tenda AX12 V22.03.01.21_CN was found to have a command injection vulnerability via /goform/setMacFilterCfg function.
CVE-2022-45980 1 Tenda 2 Ax12, Ax12 Firmware 2022-12-14 N/A 8.8 HIGH
Tenda AX12 V22.03.01.21_CN was discovered to contain a Cross-Site Request Forgery (CSRF) via /goform/SysToolRestoreSet .
CVE-2022-45979 1 Tenda 2 Ax12, Ax12 Firmware 2022-12-14 N/A 7.5 HIGH
Tenda AX12 v22.03.01.21_CN was discovered to contain a stack overflow via the ssid parameter at /goform/fast_setting_wifi_set .
CVE-2022-37292 1 Tenda 2 Ax12, Ax12 Firmware 2022-08-26 N/A 5.5 MEDIUM
Tenda AX12 V22.03.01.21_CN is vulnerable to Buffer Overflow. This overflow is triggered in the sub_42FDE4 function, which satisfies the request of the upper-level interface function sub_430124, that is, handles the post request under /goform/SetIpMacBind.
CVE-2022-28917 1 Tenda 2 Ax12, Ax12 Firmware 2022-05-26 7.8 HIGH 7.5 HIGH
Tenda AX12 v22.03.01.21_cn was discovered to contain a stack overflow via the lanIp parameter in /goform/AdvSetLanIp.
CVE-2022-28082 1 Tenda 2 Ax12, Ax12 Firmware 2022-05-12 7.5 HIGH 9.8 CRITICAL
Tenda AX12 v22.03.01.21_CN was discovered to contain a stack overflow via the list parameter at /goform/SetNetControlList.
CVE-2022-28561 1 Tenda 2 Ax12, Ax12 Firmware 2022-05-09 10.0 HIGH 9.8 CRITICAL
There is a stack overflow vulnerability in the /goform/setMacFilterCfg function in the httpd service of Tenda ax12 22.03.01.21_cn router. An attacker can obtain a stable shell through a carefully constructed payload
CVE-2022-27375 1 Tenda 2 Ax12, Ax12 Firmware 2022-05-06 7.1 HIGH 6.5 MEDIUM
Tenda AX12 V22.03.01.21_CN was discovered to contain a Cross-Site Request Forgery (CSRF) via the function sub_422168 at /goform/WifiExtraSet.
CVE-2022-27374 1 Tenda 2 Ax12, Ax12 Firmware 2022-05-06 7.1 HIGH 6.5 MEDIUM
Tenda AX12 V22.03.01.21_CN was discovered to contain a Cross-Site Request Forgery (CSRF) via the function sub_42E328 at /goform/SysToolReboot.
CVE-2022-25561 1 Tenda 2 Ax12, Ax12 Firmware 2022-03-18 7.8 HIGH 7.5 HIGH
Tenda AX12 v22.03.01.21 was discovered to contain a stack overflow in the function sub_42DE00. This vulnerability allows attackers to cause a Denial of Service (DoS) via the list parameter.
CVE-2022-25560 1 Tenda 2 Ax12, Ax12 Firmware 2022-03-18 7.8 HIGH 7.5 HIGH
Tenda AX12 v22.03.01.21 was discovered to contain a stack overflow in the function sub_4327CC. This vulnerability allows attackers to cause a Denial of Service (DoS) via the list parameter.
CVE-2022-25556 1 Tenda 2 Ax12, Ax12 Firmware 2022-03-18 7.8 HIGH 7.5 HIGH
Tenda AX12 v22.03.01.21 was discovered to contain a stack overflow in the function sub_42E328. This vulnerability allows attackers to cause a Denial of Service (DoS) via the list parameter.
CVE-2021-46408 1 Tenda 2 Ax12, Ax12 Firmware 2022-03-15 7.8 HIGH 7.5 HIGH
Tenda AX12 v22.03.01.21 was discovered to contain a stack buffer overflow in the function sub_422CE4. This vulnerability allows attackers to cause a Denial of Service (DoS) via the strcpy parameter.
CVE-2022-24143 1 Tenda 4 Ax12, Ax12 Firmware, Ax3 and 1 more 2022-03-01 7.8 HIGH 7.5 HIGH
Tenda AX3 v16.03.12.10_CN and AX12 22.03.01.2_CN was discovered to contain a stack overflow in the function form_fast_setting_wifi_set. This vulnerability allows attackers to cause a Denial of Service (DoS) via the timeZone parameter.
CVE-2021-45391 1 Tenda 2 Ax12, Ax12 Firmware 2022-02-23 5.0 MEDIUM 7.5 HIGH
A Buffer Overflow vulnerability exists in Tenda Router AX12 V22.03.01.21_CN in the sub_422CE4 function in the goform/setIPv6Status binary file /usr/sbin/httpd via the conType parameter, which causes a Denial of Service.
CVE-2021-45392 1 Tenda 2 Ax12, Ax12 Firmware 2022-02-22 7.8 HIGH 7.5 HIGH
A Buffer Overflow vulnerability exists in Tenda Router AX12 V22.03.01.21_CN in the sub_422CE4 function in page /goform/setIPv6Status via the prefixDelegate parameter, which causes a Denial of Service.