A Buffer Overflow vulnerability exists in Tenda Router AX12 V22.03.01.21_CN in the sub_422CE4 function in the goform/setIPv6Status binary file /usr/sbin/httpd via the conType parameter, which causes a Denial of Service.
References
Link | Resource |
---|---|
http://tendawifi.com/index.html | Broken Link |
https://github.com/sec-bin/IoT-CVE/tree/main/Tenda/AX12/1 | Exploit Third Party Advisory |
https://www.tenda.com.cn/ | Vendor Advisory |
https://www.tenda.com.cn/product/AX12.html | Product Vendor Advisory |
http://tendawifi.com/index.html | Broken Link |
https://github.com/sec-bin/IoT-CVE/tree/main/Tenda/AX12/1 | Exploit Third Party Advisory |
https://www.tenda.com.cn/ | Vendor Advisory |
https://www.tenda.com.cn/product/AX12.html | Product Vendor Advisory |
Configurations
Configuration 1 (hide)
AND |
|
History
21 Nov 2024, 06:32
Type | Values Removed | Values Added |
---|---|---|
References | () http://tendawifi.com/index.html - Broken Link | |
References | () https://github.com/sec-bin/IoT-CVE/tree/main/Tenda/AX12/1 - Exploit, Third Party Advisory | |
References | () https://www.tenda.com.cn/ - Vendor Advisory | |
References | () https://www.tenda.com.cn/product/AX12.html - Product, Vendor Advisory |
Information
Published : 2022-02-16 14:15
Updated : 2024-11-21 06:32
NVD link : CVE-2021-45391
Mitre link : CVE-2021-45391
CVE.ORG link : CVE-2021-45391
JSON object : View
Products Affected
tenda
- ax12
- ax12_firmware
CWE
CWE-787
Out-of-bounds Write