Ax12 Firmware

ax12_firmware

Vendor: Tenda • 31 CVEs

CVEs (31)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2025-29215 1Tenda 1Ax12 Firmware Mar 25, 2025 Mar 20, 2025 N/A· v4 6.5 MEDIUM· v3 N/A· v2 Tenda AX12 v22.03.01.46_CN was discovered to contain a stack overflow via the sub_43fdcc function at /goform/SetNetControlList.
CVE-2025-29214 1Tenda 1Ax12 Firmware Mar 25, 2025 Mar 20, 2025 N/A· v4 7.5 HIGH· v3 N/A· v2 Tenda AX12 v22.03.01.46_CN was discovered to contain a stack overflow via the sub_42F69C function at /goform/setMacFilterCfg.
CVE-2024-39963 1Tenda 2Ax12 Firmware Ax9 Firmware Jun 4, 2025 Jul 19, 2024 N/A· v4 8.0 HIGH· v3 N/A· v2 AX3000 Dual-Band Gigabit Wi-Fi 6 Router AX9 V22.03.01.46 and AX3000 Dual-Band Gigabit Wi-Fi 6 Router AX12 V1.0 V22.03.01.46 were discovered to contain an authenticated remote command execution (RCE) vulnerability via the...Show more AX3000 Dual-Band Gigabit Wi-Fi 6 Router AX9 V22.03.01.46 and AX3000 Dual-Band Gigabit Wi-Fi 6 Router AX12 V1.0 V22.03.01.46 were discovered to contain an authenticated remote command execution (RCE) vulnerability via the macFilterType parameter at /goform/setMacFilterCfg.Show less
CVE-2024-40503 1Tenda 1Ax12 Firmware Jul 7, 2025 Jul 16, 2024 N/A· v4 6.5 MEDIUM· v3 N/A· v2 An issue in Tenda AX12 v.16.03.49.18_cn+ allows a remote attacker to cause a denial of service via the Routing functionality and ICMP packet handling.
CVE-2024-40412 1Tenda 1Ax12 Firmware Jul 7, 2025 Jul 10, 2024 N/A· v4 6.8 MEDIUM· v3 N/A· v2 Tenda AX12 v1.0 v22.03.01.46 contains a stack overflow in the deviceList parameter of the sub_42E410 function.
CVE-2024-28383 1Tenda 1Ax12 Firmware Mar 13, 2025 Mar 14, 2024 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Tenda AX12 v1.0 v22.03.01.16 was discovered to contain a stack overflow via the ssid parameter in the sub_431CF0 function.
CVE-2023-47422 1Tenda 4Ax12 Firmware Ax3 FirmwareAx9 Firmware+1 more Apr 25, 2025 Feb 20, 2024 N/A· v4 8.8 HIGH· v3 N/A· v2 An access control issue in /usr/sbin/httpd in Tenda TX9 V1 V22.03.02.54, Tenda AX3 V3 V16.03.12.11, Tenda AX9 V1 V22.03.01.46, and Tenda AX12 V1 V22.03.01.46 allows attackers to bypass authentication on any endpoint via...Show more An access control issue in /usr/sbin/httpd in Tenda TX9 V1 V22.03.02.54, Tenda AX3 V3 V16.03.12.11, Tenda AX9 V1 V22.03.01.46, and Tenda AX12 V1 V22.03.01.46 allows attackers to bypass authentication on any endpoint via a crafted URL.Show less
CVE-2023-49427 1Tenda 1Ax12 Firmware Jun 16, 2025 Jan 10, 2024 N/A· v4 7.5 HIGH· v3 N/A· v2 Buffer Overflow vulnerability in Tenda AX12 V22.03.01.46, allows remote attackers to cause a denial of service (DoS) via list parameter in SetNetControlList function.
CVE-2023-49437 1Tenda 1Ax12 Firmware May 28, 2025 Dec 7, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Tenda AX12 V22.03.01.46 has been discovered to contain a command injection vulnerability in the 'list' parameter at /goform/SetNetControlList.
CVE-2023-49428 1Tenda 1Ax12 Firmware Nov 21, 2024 Dec 7, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Tenda AX12 V22.03.01.46 has been discovered to contain a command injection vulnerability in the 'mac' parameter at /goform/SetOnlineDevName.
CVE-2023-49426 1Tenda 1Ax12 Firmware Nov 21, 2024 Dec 7, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Tenda AX12 V22.03.01.46 was discovered to contain a stack overflow via the list parameter at /goform/SetStaticRouteCfg.
CVE-2023-49425 1Tenda 1Ax12 Firmware Nov 21, 2024 Dec 7, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Tenda AX12 V22.03.01.46 was discovered to contain a stack overflow via the deviceList parameter at /goform/setMacFilterCfg .
CVE-2023-49424 1Tenda 1Ax12 Firmware Nov 21, 2024 Dec 7, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Tenda AX12 V22.03.01.46 was discovered to contain a stack overflow via the list parameter at /goform/SetVirtualServerCfg.
CVE-2022-45995 1Tenda 1Ax12 Firmware Apr 10, 2025 Jan 5, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 There is an unauthorized buffer overflow vulnerability in Tenda AX12 v22.03.01.21 _ cn. This vulnerability can cause the web service not to restart or even execute arbitrary code. It is a different vulnerability from CVE...Show more There is an unauthorized buffer overflow vulnerability in Tenda AX12 v22.03.01.21 _ cn. This vulnerability can cause the web service not to restart or even execute arbitrary code. It is a different vulnerability from CVE-2022-2414.Show less
CVE-2022-45980 1Tenda 1Ax12 Firmware Apr 22, 2025 Dec 12, 2022 N/A· v4 8.8 HIGH· v3 N/A· v2 Tenda AX12 V22.03.01.21_CN was discovered to contain a Cross-Site Request Forgery (CSRF) via /goform/SysToolRestoreSet .
CVE-2022-45979 1Tenda 1Ax12 Firmware Apr 22, 2025 Dec 12, 2022 N/A· v4 7.5 HIGH· v3 N/A· v2 Tenda AX12 v22.03.01.21_CN was discovered to contain a stack overflow via the ssid parameter at /goform/fast_setting_wifi_set .
CVE-2022-45977 1Tenda 1Ax12 Firmware Apr 22, 2025 Dec 12, 2022 N/A· v4 8.8 HIGH· v3 N/A· v2 Tenda AX12 V22.03.01.21_CN was found to have a command injection vulnerability via /goform/setMacFilterCfg function.
CVE-2022-45043 1Tenda 1Ax12 Firmware Apr 22, 2025 Dec 12, 2022 N/A· v4 8.8 HIGH· v3 N/A· v2 Tenda AX12 V22.03.01.16_cn is vulnerable to command injection via goform/fast_setting_internet_set.
CVE-2022-37292 1Tenda 1Ax12 Firmware Nov 21, 2024 Aug 25, 2022 N/A· v4 5.5 MEDIUM· v3 N/A· v2 Tenda AX12 V22.03.01.21_CN is vulnerable to Buffer Overflow. This overflow is triggered in the sub_42FDE4 function, which satisfies the request of the upper-level interface function sub_430124, that is, handles the post...Show more Tenda AX12 V22.03.01.21_CN is vulnerable to Buffer Overflow. This overflow is triggered in the sub_42FDE4 function, which satisfies the request of the upper-level interface function sub_430124, that is, handles the post request under /goform/SetIpMacBind.Show less
CVE-2022-28917 1Tenda 1Ax12 Firmware Nov 21, 2024 May 18, 2022 N/A· v4 7.5 HIGH· v3 7.8 HIGH· v2 Tenda AX12 v22.03.01.21_cn was discovered to contain a stack overflow via the lanIp parameter in /goform/AdvSetLanIp.

12 Next