Vulnerabilities > Tenda > Ax12 Firmware > 22.03.01.21.cn

DATE CVE VULNERABILITY TITLE RISK
2023-01-05 CVE-2022-45995 Classic Buffer Overflow vulnerability in Tenda Ax12 Firmware 22.03.01.21Cn
There is an unauthorized buffer overflow vulnerability in Tenda AX12 v22.03.01.21 _ cn.
network
low complexity
tenda CWE-120
critical
 9.8
9.8
2022-12-12 CVE-2022-45977 OS Command Injection vulnerability in Tenda Ax12 Firmware 22.03.01.21Cn
Tenda AX12 V22.03.01.21_CN was found to have a command injection vulnerability via /goform/setMacFilterCfg function.
network
low complexity
tenda CWE-78
8.8
8.8
2022-12-12 CVE-2022-45979 Out-of-bounds Write vulnerability in Tenda Ax12 Firmware 22.03.01.21Cn
Tenda AX12 v22.03.01.21_CN was discovered to contain a stack overflow via the ssid parameter at /goform/fast_setting_wifi_set .
network
low complexity
tenda CWE-787
7.5
7.5
2022-12-12 CVE-2022-45980 Cross-Site Request Forgery (CSRF) vulnerability in Tenda Ax12 Firmware 22.03.01.21Cn
Tenda AX12 V22.03.01.21_CN was discovered to contain a Cross-Site Request Forgery (CSRF) via /goform/SysToolRestoreSet .
network
low complexity
tenda CWE-352
8.8
8.8
2022-08-25 CVE-2022-37292 Out-of-bounds Write vulnerability in Tenda Ax12 Firmware 22.03.01.21Cn
Tenda AX12 V22.03.01.21_CN is vulnerable to Buffer Overflow.
local
low complexity
tenda CWE-787
5.5
5.5
2022-05-18 CVE-2022-28917 Out-of-bounds Write vulnerability in Tenda Ax12 Firmware 22.03.01.21Cn
Tenda AX12 v22.03.01.21_cn was discovered to contain a stack overflow via the lanIp parameter in /goform/AdvSetLanIp.
network
low complexity
tenda CWE-787
7.5
7.5
2022-05-04 CVE-2022-28082 Out-of-bounds Write vulnerability in Tenda Ax12 Firmware 22.03.01.21Cn
Tenda AX12 v22.03.01.21_CN was discovered to contain a stack overflow via the list parameter at /goform/SetNetControlList.
network
low complexity
tenda CWE-787
critical
 9.8
9.8
2022-05-03 CVE-2022-28561 Out-of-bounds Write vulnerability in Tenda Ax12 Firmware 22.03.01.21Cn
There is a stack overflow vulnerability in the /goform/setMacFilterCfg function in the httpd service of Tenda ax12 22.03.01.21_cn router.
network
low complexity
tenda CWE-787
critical
 9.8
9.8
2022-04-25 CVE-2022-27374 Cross-Site Request Forgery (CSRF) vulnerability in Tenda Ax12 Firmware 22.03.01.21Cn
Tenda AX12 V22.03.01.21_CN was discovered to contain a Cross-Site Request Forgery (CSRF) via the function sub_42E328 at /goform/SysToolReboot.
network
low complexity
tenda CWE-352
6.5
6.5
2022-04-25 CVE-2022-27375 Cross-Site Request Forgery (CSRF) vulnerability in Tenda Ax12 Firmware 22.03.01.21Cn
Tenda AX12 V22.03.01.21_CN was discovered to contain a Cross-Site Request Forgery (CSRF) via the function sub_422168 at /goform/WifiExtraSet.
network
low complexity
tenda CWE-352
6.5
6.5