Critical severity9.8NVD Advisory· Published Dec 7, 2023· Updated Jun 17, 2026
CVE-2023-49428
CVE-2023-49428
Description
Tenda AX12 V22.03.01.46 has been discovered to contain a command injection vulnerability in the 'mac' parameter at /goform/SetOnlineDevName.
Affected products
2Patches
Vulnerability mechanics
References
1- github.com/ef4tless/vuln/blob/master/iot/AX12/SetOnlineDevName.mdnvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.