CVE-2023-47422
published 2024-02-20CVE-2023-47422: An access control issue in /usr/sbin/httpd in Tenda TX9 V1 V22.03.02.54, Tenda AX3 V3 V16.03.12.11, Tenda AX9 V1 V22.03.01.46, and Tenda AX12 V1 V22.03.01.46…
high8.8CVSS 3.1
AVAACLPRNUINSUCHIHAH
An access control issue in /usr/sbin/httpd in Tenda TX9 V1 V22.03.02.54, Tenda AX3 V3 V16.03.12.11, Tenda AX9 V1 V22.03.01.46, and Tenda AX12 V1 V22.03.01.46 allows attackers to bypass authentication on any endpoint via a crafted URL.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| tenda | ax12_firmware | — | — |
| tenda | ax3_firmware | — | — |
| tenda | ax9_firmware | — | — |
| tenda | tx9_firmware | — | — |