CVE-2023-48804

In TOTOLINK X6000R V9.4.0cu.852B20230719, the shttpd file, sub4119A0 function obtains fields from the front-end through Uci Set The Str function when passed to the CsteSystem function creates a command execution vulnerability...

CVE-2023-48808

In TOTOLINK X6000R V9.4.0cu.852B20230719, the shttpd file, sub4119A0 function obtains fields from the front-end through Uci Set The Str function when passed to the CsteSystem function creates a command execution vulnerability...

CVE-2022-38308

TOTOLink A700RU V7.4cu.2313B20191024 was discovered to contain a command injection vulnerability via the lang parameter in the function cstesystem. This vulnerability allows attackers to execute arbitrary commands via a crafted payload...

CVE-2022-38308

TOTOLink A700RU V7.4cu.2313B20191024 was discovered to contain a command injection vulnerability via the lang parameter in the function cstesystem. This vulnerability allows attackers to execute arbitrary commands via a crafted payload...

TOTOLINK A700RU 操作系统命令注入漏洞

TOTOLINK A700RU is a wireless dual-band router from China's Gion Electronics TOTOLINK. TOTOLINK A700RU V7.4cu.2313B20191024 suffers from an operating system command injection vulnerability, which originates from a command injection that can be performed via the lang parameter in the function...

PT-2022-24358 · Totolink · Totolink A700Ru

Name of the Vulnerable Software and Affected Versions: TOTOLink A700RU version V7.4cu.2313 B20191024 Description: A command injection issue was discovered, allowing attackers to execute arbitrary commands via a crafted payload. This issue is related to the lang parameter in the cstesystem functio...