Critical severity9.8NVD Advisory· Published Dec 7, 2023· Updated Jun 17, 2026
CVE-2023-49437
CVE-2023-49437
Description
Tenda AX12 V22.03.01.46 has been discovered to contain a command injection vulnerability in the 'list' parameter at /goform/SetNetControlList.
Affected products
2Patches
Vulnerability mechanics
References
1- github.com/ef4tless/vuln/blob/master/iot/AX12/SetNetControlList-3.mdnvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.