A Buffer Overflow vulnerability exists in Tenda Router AX12 V22.03.01.21_CN in the sub_422CE4 function in the goform/setIPv6Status binary file /usr/sbin/httpd via the conType parameter, which causes a Denial of Service.
References
Link | Resource |
---|---|
http://tendawifi.com/index.html | Broken Link |
https://github.com/sec-bin/IoT-CVE/tree/main/Tenda/AX12/1 | Exploit Third Party Advisory |
https://www.tenda.com.cn/ | Vendor Advisory |
https://www.tenda.com.cn/product/AX12.html | Product Vendor Advisory |
Configurations
Configuration 1 (hide)
AND |
|
History
No history.
Information
Published : 2022-02-16 14:15
Updated : 2024-02-28 19:09
NVD link : CVE-2021-45391
Mitre link : CVE-2021-45391
CVE.ORG link : CVE-2021-45391
JSON object : View
Products Affected
tenda
- ax12_firmware
- ax12
CWE
CWE-787
Out-of-bounds Write