CVE-2023-49431 | Tenda AX9 22.03.01.46 /goform/SetOnlineDevName mac command injection

Inserito da Angelo Barbosa | Dic 7, 2023 | CVE

A vulnerability, which was classified as critical, has been found in Tenda AX9 22.03.01.46. Affected by this issue is some unknown functionality of the file /goform/SetOnlineDevName. The manipulation of the argument mac leads to command injection.

This vulnerability is handled as CVE-2023-49431. The attack can only be done within the local network. There is no exploit available.

CVE-2023-49431 | Tenda AX9 22.03.01.46 /goform/SetOnlineDevName mac command injection

Post correlati

CVE-2024-31802 | DESIGNA Abacus up to 18 QR Code behavioral workflow

CVE-2024-25710 | Apache Commons Compress up to 1.25.0 infinite loop

CVE-2023-48356 | Unisoc S8000 JPG Driver out-of-bounds write

CVE-2024-3680 | Enter Addons Plugin up to 2.1.5 on WordPress Animation Title Widget img Tag cross site scripting