The-Itach1/IOT-CVE

The-Itach1/IOT-CVE

Releases0

Stars5

记录挖掘IOT路由器的一些CVE

Log in to subscribe

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2022-45043 ↗	Dec 12, 2022Monday, 12 December 2022, 15:15	8.8 HIGH	—
Tenda AX12 V22.03.01.16_cn is vulnerable to command injection via goform/fast_setting_internet_set.
CVE-2022-45977 ↗	Dec 12, 2022Monday, 12 December 2022, 15:15	8.8 HIGH	—
Tenda AX12 V22.03.01.21_CN was found to have a command injection vulnerability via /goform/setMacFilterCfg function.
CVE-2022-45979 ↗	Dec 12, 2022Monday, 12 December 2022, 15:15	7.5 HIGH	—
Tenda AX12 v22.03.01.21_CN was discovered to contain a stack overflow via the ssid parameter at /goform/fast_setting_wifi_set .
CVE-2022-45980 ↗	Dec 12, 2022Monday, 12 December 2022, 15:15	8.8 HIGH	—
Tenda AX12 V22.03.01.21_CN was discovered to contain a Cross-Site Request Forgery (CSRF) via /goform/SysToolRestoreSet .
CVE-2022-37292 ↗	Aug 25, 2022Thursday, 25 August 2022, 16:15	5.5 MEDIUM	—
Tenda AX12 V22.03.01.21_CN is vulnerable to Buffer Overflow. This overflow is triggered in the sub_42FDE4 function, which satisfies the request of the upper-level interface function sub_430124, that is, handles the post request under /goform/SetIpMacBind.