
230 matches found

CNVD
added 2026/04/09 12:0 a.m., 8 views

TOTOLINK A3600R setNoticeCfg function command injection vulnerability

TOTOLINK A3600R is a 6-antenna 1200M wireless router from China's Gion Electronics TOTOLINK. A command injection vulnerability exists in TOTOLINK A3600R version 4.1.2cu.5182B20201102. The vulnerability stems from the failure of the function setNoticeCfg in the file /cgi-bin/cstecgi.cgi in the...

9.8 CVSS, 6.7 AI score, 0.02234 EPSS
Exploits: 1
RedhatCVE
added 2026/04/02 5:4 a.m., 2 views

CVE-2026-31027

TOTOlink A3600R v5.9c.4959 contains a buffer overflow vulnerability in the setAppEasyWizardConfig interface of /lib/cstemodules/app.so. The vulnerability occurs because the rootSsid parameter is not properly validated for length, allowing remote attackers to trigger a buffer overflow, potentially...

9.8 CVSS, 6.7 AI score, 0.00585 EPSS
Exploits: 1, References: 1
EUVD
added 2026/04/01 6:36 p.m., 5 views

EUVD-2026-17913

TOTOlink A3600R v5.9c.4959 contains a buffer overflow vulnerability in the setAppEasyWizardConfig interface of /lib/cstemodules/app.so. The vulnerability occurs because the rootSsid parameter is not properly validated for length, allowing remote attackers to trigger a buffer overflow, potentially...

9.8 CVSS, 6.7 AI score, 0.00585 EPSS
Exploits: 1, References: 2
Vulnrichment
added 2026/04/01 12:0 a.m., 2 views

CVE-2026-31027

TOTOlink A3600R v5.9c.4959 contains a buffer overflow vulnerability in the setAppEasyWizardConfig interface of /lib/cstemodules/app.so. The vulnerability occurs because the rootSsid parameter is not properly validated for length, allowing remote attackers to trigger a buffer overflow, potentially...

6.7 AI score, 0.00585 EPSS
Exploits: 1, References: 1
CVE
added 2026/04/01 12:0 a.m., 8 views

CVE-2026-31027

CVE-2026-31027 affects TOTOlink A3600R (v5.9c.4959). A buffer overflow exists in the setAppEasyWizardConfig interface under /lib/cste_modules/app.so due to improper validation of the rootSsid parameter. The vulnerability is exploitable remotely over the network with no privileges or user interact...

9.8 CVSS, 6.7 AI score, 0.00585 EPSS
Exploits: 1, References: 1, Affected Software: 1
Positive Technologies
added 2026/04/01 12:0 a.m., 2 views

PT-2026-29544

TOTOlink A3600R v5.9c.4959 contains a buffer overflow vulnerability in the setAppEasyWizardConfig interface of /lib/cste modules/app.so. The vulnerability occurs because the rootSsid parameter is not properly validated for length, allowing remote attackers to trigger a buffer overflow, potentiall...

9.8 CVSS, 6.7 AI score, 0.00585 EPSS
Exploits: 1, References: 3
RedhatCVE
added 2026/03/30 5:0 a.m., 7 views

CVE-2026-5020

A vulnerability was detected in Totolink A3600R 4.1.2cu.5182B20201102. Affected by this issue is the function setNoticeCfg of the file /cgi-bin/cstecgi.cgi of the component Parameter Handler. The manipulation of the argument NoticeUrl results in command injection. The attack may be launched...

9.8 CVSS, 5.7 AI score, 0.02234 EPSS
Exploits: 1, References: 1
EUVD
added 2026/03/29 4:30 a.m., 2 views

EUVD-2026-16961

A vulnerability was detected in Totolink A3600R 4.1.2cu.5182B20201102. Affected by this issue is the function setNoticeCfg of the file /cgi-bin/cstecgi.cgi of the component Parameter Handler. The manipulation of the argument NoticeUrl results in command injection. The attack may be launched...

6.5 CVSS, 6.5 AI score, 0.02234 EPSS
Exploits: 1, References: 6
NVD
added 2026/03/29 1:15 a.m., 3 views

CVE-2026-5020

A vulnerability was detected in Totolink A3600R 4.1.2cu.5182B20201102. Affected by this issue is the function setNoticeCfg of the file /cgi-bin/cstecgi.cgi of the component Parameter Handler. The manipulation of the argument NoticeUrl results in command injection. The attack may be launched...

9.8 CVSS, 0.02234 EPSS
Exploits: 1, References: 5
ATTACKERKB
added 2026/03/29 12:30 a.m., 1 view

CVE-2026-5020

A vulnerability was detected in Totolink A3600R 4.1.2cu.5182B20201102. Affected by this issue is the function setNoticeCfg of the file /cgi-bin/cstecgi.cgi of the component Parameter Handler. The manipulation of the argument NoticeUrl results in command injection. The attack may be launched...

6.5 CVSS, 5.7 AI score, 0.02234 EPSS
Exploits: 1, References: 5, Affected Software: 1
CVE
added 2026/03/29 12:30 a.m., 15 views

CVE-2026-5020

Summary: CVE-2026-5020 affects Totolink A3600R (v4.1.2cu.5182_B20201102). The vulnerability is in the Parameter Handler’s setNoticeCfg function (file /cgi-bin/cstecgi.cgi). Manipulating the NoticeUrl argument allows arbitrary command execution via a remote attacker, with exploit publicly availabl...

9.8 CVSS, 6.5 AI score, 0.02234 EPSS
Exploits: 1, References: 5, Affected Software: 1
Cvelist
added 2026/03/29 12:30 a.m., 33 views

CVE-2026-5020 Totolink A3600R Parameter cstecgi.cgi setNoticeCfg command injection

A vulnerability was detected in Totolink A3600R 4.1.2cu.5182B20201102. Affected by this issue is the function setNoticeCfg of the file /cgi-bin/cstecgi.cgi of the component Parameter Handler. The manipulation of the argument NoticeUrl results in command injection. The attack may be launched...

6.5 CVSS, 0.02234 EPSS
Exploits: 1, References: 5
Vulnrichment
added 2026/03/29 12:30 a.m., 3 views

CVE-2026-5020 Totolink A3600R Parameter cstecgi.cgi setNoticeCfg command injection

A vulnerability was detected in Totolink A3600R 4.1.2cu.5182B20201102. Affected by this issue is the function setNoticeCfg of the file /cgi-bin/cstecgi.cgi of the component Parameter Handler. The manipulation of the argument NoticeUrl results in command injection. The attack may be launched...

6.5 CVSS, 6.5 AI score, 0.02234 EPSS
Exploits: 1, References: 5
Positive Technologies
added 2026/03/29 12:0 a.m., 4 views

PT-2026-28734

Name of the Vulnerable Software and Affected Versions: Totolink A3600R version 4.1.2cu.5182 B20201102. Description: A command injection issue exists in the setNoticeCfg function within the /cgi-bin/cstecgi.cgi file of the Parameter Handler component. Manipulation of the NoticeUrl argument can allow...

6.5 CVSS, 6.1 AI score, 0.02234 EPSS
Exploits: 1, References: 11
CNNVD
added 2026/03/29 12:0 a.m., 7 views

TOTOLINK A3600R command injection vulnerability

TOTOLINK A3600R is a 6-antenna 1200M wireless router from China's Gion Electronics TOTOLINK. A command injection vulnerability exists in TOTOLINK A3600R version 4.1.2cu.5182B20201102. The vulnerability stems from the failure of the function setNoticeCfg in the file /cgi-bin/cstecgi.cgi in the...

9.8 CVSS, 6.7 AI score, 0.02234 EPSS
Exploits: 1, References: 5
CNVD
added 2026/02/11 12:0 a.m., 4 views

TOTOLINK A3600R Buffer Overflow Vulnerability

TOTOLINK A3600R is a 6-antenna 1200M wireless router from China's Gion Electronics TOTOLINK. The TOTOLINK A3600R suffers from a buffer overflow vulnerability that originates from the failure of apcliSsid, a parameter of the setAppEasyWizardConfig function in the /lib/cstemodules/app.so library, t...

9 CVSS, 9 AI score, 0.00656 EPSS
Exploits: 1
RedhatCVE
added 2026/01/31 3:21 p.m., 13 views

CVE-2026-1686

A security flaw has been discovered in Totolink A3600R 5.9c.4959. This issue affects the function setAppEasyWizardConfig in the library /lib/cstemodules/app.so. Performing a manipulation of the argument apcliSsid results in buffer overflow. It is possible to initiate the attack remotely. The...

9 CVSS, 7.5 AI score, 0.00656 EPSS
Exploits: 1, References: 1
OSV
added 2026/01/30 4:16 p.m., 3 views

CVE-2026-1686

A security flaw has been discovered in Totolink A3600R 5.9c.4959. This issue affects the function setAppEasyWizardConfig in the library /lib/cstemodules/app.so. Performing a manipulation of the argument apcliSsid results in buffer overflow. It is possible to initiate the attack remotely. The...

8.7 CVSS, 6.2 AI score, 0.00656 EPSS
Exploits: 1, References: 6
NVD
added 2026/01/30 4:16 p.m., 5 views

CVE-2026-1686

A security flaw has been discovered in Totolink A3600R 5.9c.4959. This issue affects the function setAppEasyWizardConfig in the library /lib/cstemodules/app.so. Performing a manipulation of the argument apcliSsid results in buffer overflow. It is possible to initiate the attack remotely. The...

9 CVSS, 0.00656 EPSS
Exploits: 1, References: 6
Cvelist
added 2026/01/30 3:2 p.m., 35 views

CVE-2026-1686 Totolink A3600R app.so setAppEasyWizardConfig buffer overflow

A security flaw has been discovered in Totolink A3600R 5.9c.4959. This issue affects the function setAppEasyWizardConfig in the library /lib/cstemodules/app.so. Performing a manipulation of the argument apcliSsid results in buffer overflow. It is possible to initiate the attack remotely. The...

9 CVSS, 0.00656 EPSS
Exploits: 1, References: 6