7 matches found
CVE-2023-29798
TOTOLINK X18 V9.1.0cu.2024B20220329 was discovered to contain a command injection vulnerability via the command parameter in the setTracerouteCfg function...
CVE-2023-29802
TOTOLINK X18 V9.1.0cu.2024B20220329 was discovered to contain a command injection vulnerability via the ip parameter in the setDiagnosisCfg function...
CVE-2023-29798
TOTOLINK X18 V9.1.0cu.2024B20220329 was discovered to contain a command injection vulnerability via the command parameter in the setTracerouteCfg function...
CVE-2023-29800
TOTOLINK X18 V9.1.0cu.2024B20220329 was discovered to contain a command injection vulnerability via the FileName parameter in the UploadFirmwareFile function...
CVE-2023-29798
TOTOLINK X18 firmware 9.1.0cu.2024_B20220329 is affected by a command injection in the setTracerouteCfg function, exploitable via the command parameter. The vulnerability is described across multiple sources as a remote attack against the affected device over the network, with potential for arbit...
CVE-2023-29802
TOTOLINK X18 firmware V9.1.0cu.2024_B20220329 contains a critical command-injection vulnerability in setDiagnosisCfg (ip parameter). CVSS 3.1: 9.8 (CRITICAL), Network, No auth, No user interaction; impacts Confidentiality, Integrity, Availability. Connected sources indicate a PoC exists and autom...
CVE-2023-29802
TOTOLINK X18 V9.1.0cu.2024B20220329 was discovered to contain a command injection vulnerability via the ip parameter in the setDiagnosisCfg function...