3 matches found
CVE-2023-51024
TOTOlink EX1800T v9.1.0cu.2112B20220316 is vulnerable to unauthorized arbitrary command execution in the ‘tz’ parameter of the setNtpCfg interface of the cstecgi .cgi...
CVE-2023-51024
TOTOLINK EX1800T v9.1.0cu.2112_B20220316 is affected by an unauthorized arbitrary command execution in the tz parameter of the setNtpCfg interface (cstecgi.cgi). The root cause is improper filtering of command characters in tz, enabling remote code execution with high impact. A patch/version is n...
CVE-2023-51024
TOTOlink EX1800T v9.1.0cu.2112B20220316 is vulnerable to unauthorized arbitrary command execution in the ‘tz’ parameter of the setNtpCfg interface of the cstecgi .cgi...