57 matches found
PT-2025-46172
Name of the Vulnerable Software and Affected Versions: TOTOLink A7000R version 9.1.0u.6115 B20201022 Description: A stack overflow exists in the urldecode function, specifically within the addEffect parameter. This issue allows attackers to trigger a Denial of Service (DoS) by sending a specially...
PT-2025-44656
Name of the Vulnerable Software and Affected Versions: Totolink A7000R version 9.1.0u.6115 B20201022 Description: The device contains a stack overflow issue through the ssid5g parameter within the sub 4222E0 function. A crafted request can lead to a Denial of Service (DoS). Recommendations: At the...
EUVD-2002-1812
Malware in sbrugna...
CVE-2025-51452
In TOTOLINK A7000R firmware 9.1.0u.6115B20201022, an attacker can bypass login by sending a specific request through formLoginAuth.htm...
PT-2025-33016 · Totolink · Totolink A7000R
Name of the Vulnerable Software and Affected Versions: TOTOLINK A7000R firmware version 9.1.0u.6115 B20201022 Description: An attacker can bypass login by sending a specific request through the formLoginAuth.htm endpoint. Recommendations: Apply a configuration change to restrict access to the...
CVE-2020-6115
An exploitable vulnerability exists in the cross-reference table repairing functionality of Nitro Software, Inc.’s Nitro Pro 13.13.2.242. While searching for an object identifier in a malformed document that is missing from the cross-reference table, the application will save a reference to the...
CVE-2024-6115 itsourcecode Simple Online Hotel Reservation System add_room.php unrestricted upload
A vulnerability classified as critical was found in itsourcecode Simple Online Hotel Reservation System 1.0. Affected by this vulnerability is an unknown functionality of the file add_room.php. The manipulation of the argument photo leads to unrestricted upload. The attack can be launched remotely...
PT-2023-31215 · Totolink · Totolink A7000R
Name of the Vulnerable Software and Affected Versions: TOTOLink A7000R version 9.1.0u.6115 B20201022 Description: The issue is a stack overflow vulnerability. It can be exploited via the setIpPortFilterRules function. Recommendations: For TOTOLink A7000R version 9.1.0u.6115 B20201022, as a...
CVE-2023-6115
Rejected reason: DUPLICATE CVE...
Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS / 23.04 : TeX Live vulnerability (USN-6115-1)
The remote Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS / 23.04 host has packages installed that are affected by a vulnerability as referenced in the USN-6115-1 advisory. Max Chernoff discovered that LuaTeX (TeX Live) did not properly disable shell escape. An attacker could possibly use this issue to...
SUSE CVE-2007-6443
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2007-6115. Reason: This candidate is a duplicate of CVE-2007-6115. Notes: All CVE users should reference CVE-2007-6115 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage...
CVE-2022-37084
TOTOLINK A7000R V9.1.0u.6115B20201022 was discovered to contain a stack overflow via the sPort parameter at the addEffect function...
CVE-2022-37083
TOTOLINK A7000R V9.1.0u.6115B20201022 was discovered to contain a command injection vulnerability via the ip parameter at the function setDiagnosisCfg...
PT-2022-23797 · Totolink · Totolink A7000R
Name of the Vulnerable Software and Affected Versions: TOTOLINK A7000R version 9.1.0u.6115 B20201022 Description: A command injection issue was found via the host time parameter at the NTPSyncWithHost function, allowing for potential exploitation. Recommendations: For TOTOLINK A7000R version...
PT-2022-23792 · Totolink · Totolink A7000R
Name of the Vulnerable Software and Affected Versions: TOTOLINK A7000R version 9.1.0u.6115 B20201022 Description: A command injection issue was found via the lang parameter at the "/setting/setLanguageCfg" API endpoint. This allows for potential command injection attacks. Recommendations: For...
PT-2022-23790 · Totolink · Totolink A7000R
Name of the Vulnerable Software and Affected Versions: TOTOLINK A7000R version 9.1.0u.6115 B20201022 Description: A command injection issue was found in the UploadFirmwareFile function via the FileName parameter. Recommendations: For version 9.1.0u.6115 B20201022, avoid using the FileName paramet...
PT-2022-23793 · Totolink · Totolink A7000R
Name of the Vulnerable Software and Affected Versions: TOTOLINK A7000R version 9.1.0u.6115 B20201022 Description: A command injection issue was found via the hostName parameter in the setOpModeCfg function, allowing for potential exploitation. Recommendations: For version 9.1.0u.6115 B20201022,...
PT-2022-23791 · Totolink · Totolink A7000R
Name of the Vulnerable Software and Affected Versions: TOTOLINK A7000R version 9.1.0u.6115 B20201022 Description: A stack overflow issue was discovered, which can be triggered via the pppoeUser parameter. Recommendations: For version 9.1.0u.6115 B20201022, avoid using the pppoeUser parameter unti...
PT-2022-23798 · Totolink · Totolink A7000R
Name of the Vulnerable Software and Affected Versions: TOTOLINK A7000R version 9.1.0u.6115 B20201022 Description: A command injection issue was found via the ip parameter at the setDiagnosisCfg function. Recommendations: For version 9.1.0u.6115 B20201022, consider restricting access to the...
Mageia: Security Advisory (MGASA-2018-0268)
The remote host is missing an update for the...