CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 1CVE-2023-49434
https://notcve.org/view.php?id=CVE-2023-49434
Tenda AX9 V22.03.01.46 has been found to contain a stack overflow vulnerability in the 'list' parameter at /goform/SetNetControlList. Se ha descubierto que Tenda AX9 V22.03.01.46 contiene una vulnerabilidad de desbordamiento de pila en el parámetro 'lista' en /goform/SetNetControlList. • https://github.com/ef4tless/vuln/blob/master/iot/AX9/SetNetControlList.md • CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 4%CPEs: 2EXPL: 1CVE-2023-49435
https://notcve.org/view.php?id=CVE-2023-49435
Tenda AX9 V22.03.01.46 is vulnerable to command injection. Tenda AX9 V22.03.01.46 es vulnerable a la inyección de comandos. • https://github.com/ef4tless/vuln/blob/master/iot/AX9/SetNetControlList-3.md • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 9.8EPSS: 4%CPEs: 2EXPL: 1CVE-2023-49436
https://notcve.org/view.php?id=CVE-2023-49436
Tenda AX9 V22.03.01.46 has been discovered to contain a command injection vulnerability in the 'list' parameter at /goform/SetNetControlList. Se ha descubierto que Tenda AX9 V22.03.01.46 contiene una vulnerabilidad de inyección de comandos en el parámetro 'lista' en /goform/SetNetControlList. • https://github.com/ef4tless/vuln/blob/master/iot/AX9/SetNetControlList-2.md • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •