VYPR

AX12

by Tenda

CVEs (30)

  • CVE-2022-25556HigMar 10, 2022
    risk 0.49cvss 7.5epss 0.01

    Tenda AX12 v22.03.01.21 was discovered to contain a stack overflow in the function sub_42E328. This vulnerability allows attackers to cause a Denial of Service (DoS) via the list parameter.

  • CVE-2021-46408HigMar 10, 2022
    risk 0.49cvss 7.5epss 0.01

    Tenda AX12 v22.03.01.21 was discovered to contain a stack buffer overflow in the function sub_422CE4. This vulnerability allows attackers to cause a Denial of Service (DoS) via the strcpy parameter.

  • CVE-2021-45391HigFeb 16, 2022
    risk 0.49cvss 7.5epss 0.02

    A Buffer Overflow vulnerability exists in Tenda Router AX12 V22.03.01.21_CN in the sub_422CE4 function in the goform/setIPv6Status binary file /usr/sbin/httpd via the conType parameter, which causes a Denial of Service.

  • CVE-2022-24143HigFeb 4, 2022
    risk 0.49cvss 7.5epss 0.01

    Tenda AX3 v16.03.12.10_CN and AX12 22.03.01.2_CN was discovered to contain a stack overflow in the function form_fast_setting_wifi_set. This vulnerability allows attackers to cause a Denial of Service (DoS) via the timeZone parameter.

  • CVE-2024-40412MedJul 10, 2024
    risk 0.44cvss 6.8epss 0.00

    Tenda AX12 v1.0 v22.03.01.46 contains a stack overflow in the deviceList parameter of the sub_42E410 function.

  • CVE-2025-29215MedMar 20, 2025
    risk 0.42cvss 6.5epss 0.01

    Tenda AX12 v22.03.01.46_CN was discovered to contain a stack overflow via the sub_43fdcc function at /goform/SetNetControlList.

  • CVE-2024-40503MedJul 16, 2024
    risk 0.42cvss 6.5epss 0.00

    An issue in Tenda AX12 v.16.03.49.18_cn+ allows a remote attacker to cause a denial of service via the Routing functionality and ICMP packet handling.

  • CVE-2022-27375MedApr 25, 2022
    risk 0.42cvss 6.5epss 0.00

    Tenda AX12 V22.03.01.21_CN was discovered to contain a Cross-Site Request Forgery (CSRF) via the function sub_422168 at /goform/WifiExtraSet.

  • CVE-2022-27374MedApr 25, 2022
    risk 0.42cvss 6.5epss 0.00

    Tenda AX12 V22.03.01.21_CN was discovered to contain a Cross-Site Request Forgery (CSRF) via the function sub_42E328 at /goform/SysToolReboot.

  • CVE-2022-37292MedAug 25, 2022
    risk 0.36cvss 5.5epss 0.00

    Tenda AX12 V22.03.01.21_CN is vulnerable to Buffer Overflow. This overflow is triggered in the sub_42FDE4 function, which satisfies the request of the upper-level interface function sub_430124, that is, handles the post request under /goform/SetIpMacBind.

Page 2 of 2