Vulnerability Details CVE-2023-49429
Tenda AX9 V22.03.01.46 was discovered to contain a SQL command injection vulnerability in the 'setDeviceInfo' feature through the 'mac' parameter at /goform/setModules.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.019
EPSS Ranking 82.2%
CVSS Severity
CVSS v3 Score 9.8
References
Products affected by CVE-2023-49429
-
cpe:2.3:h:tenda:ax9:-
-
cpe:2.3:o:tenda:ax9_firmware:22.03.01.46