CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 1CVE-2022-45043
https://notcve.org/view.php?id=CVE-2022-45043
Tenda AX12 V22.03.01.16_cn is vulnerable to command injection via goform/fast_setting_internet_set. Tenda AX12 V22.03.01.16_cn es vulnerable a la inyección de comandos a través de goform/fast_setting_internet_set. • https://github.com/The-Itach1/IOT-CVE/tree/master/Tenda/AX12/2 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 7.2EPSS: 0%CPEs: 2EXPL: 1CVE-2022-45996
https://notcve.org/view.php?id=CVE-2022-45996
Tenda W20E V16.01.0.6(3392) is vulnerable to Command injection via cmd_get_ping_output. Tenda W20E V16.01.0.6(3392) es vulnerable a la inyección de comandos a través de cmd_get_ping_output. • https://github.com/bugfinder0/public_bug/tree/main/tenda/w20e/2 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 1CVE-2022-45980
https://notcve.org/view.php?id=CVE-2022-45980
Tenda AX12 V22.03.01.21_CN was discovered to contain a Cross-Site Request Forgery (CSRF) via /goform/SysToolRestoreSet . Se descubrió que Tenda AX12 V22.03.01.21_CN contenía Cross-Site Request Forgery (CSRF) a través de /goform/SysToolRestoreSet. • https://github.com/The-Itach1/IOT-CVE/tree/master/Tenda/AX12/6 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 1CVE-2022-45977
https://notcve.org/view.php?id=CVE-2022-45977
Tenda AX12 V22.03.01.21_CN was found to have a command injection vulnerability via /goform/setMacFilterCfg function. Se descubrió que Tenda AX12 V22.03.01.21_CN tenía una vulnerabilidad de inyección de comandos a través de la función /goform/setMacFilterCfg. • https://github.com/The-Itach1/IOT-CVE/tree/master/Tenda/AX12/3 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 1CVE-2022-45507
https://notcve.org/view.php?id=CVE-2022-45507
Tenda W30E V1.0.1.25(633) was discovered to contain a stack overflow via the editNameMit parameter at /goform/editFileName. Se descubrió que Tenda W30E V1.0.1.25(633) contenía un desbordamiento de pila a través del parámetro editNameMit en /goform/editFileName. • https://github.com/z1r00/IOT_Vul/blob/main/Tenda/W30E/editFileName/readme.md • CWE-787: Out-of-bounds Write •