📦 Ax9 Firmware

CVE-2023-49429 is a SQL injection vulnerability in Tenda AX9 routers that allows attackers to execute arbitrary SQL commands through the 'mac' parameter in the setDeviceInfo feature. This affects all ...

This CVE describes a command injection vulnerability in Tenda AX9 routers that allows attackers to execute arbitrary commands on the device. The vulnerability exists in the 'mac' parameter of the /gof...

Tenda AX9 routers running firmware V22.03.01.46 contain a stack overflow vulnerability in the SetVirtualServerCfg function. Attackers can exploit this by sending specially crafted requests to the '/go...

Tenda AX9 routers running firmware version V22.03.01.46 contain a command injection vulnerability in the SetNetControlList function. This allows attackers to execute arbitrary commands on the device w...

This vulnerability in Tenda AX9 routers allows attackers to exploit weak hash functions in the firmware update mechanism via the httpd component. Attackers could potentially upload malicious firmware ...