69 matches found
CVE-2025-12240
CVE-2025-12240 is associated with TOTOLINK A3300R 17.0.0cu.557_B20221024. The vulnerability affects the function setDmzCfg in the file /cgi-bin/cstecgi.cgi, where manipulation of the ip argument leads to a buffer overflow. This can be exploited remotely; multiple sources describe a publicly discl...
CVE-2025-11444
A security vulnerability has been detected in TOTOLINK N600R up to 4.3.0cu.7866B20220506. This impacts the function setWiFiBasicConfig of the file /cgi-bin/cstecgi.cgi of the component HTTP Request Handler. Such manipulation of the argument wepkey leads to buffer overflow. It is possible to launc...
TOTOLINK N600R 命令注入漏洞
The TOTOLINK N600R is a dual-band wireless router launched by Korean brand TOTOLINK in 2013, supporting concurrent operation in the 2.4GHz and 5GHz bands with a maximum wireless transmission rate of 300Mbps. The TOTOLINK N600R suffers from a command injection vulnerability that originates from...
TOTOLINK T10 安全漏洞
TOTOLINK T10 is a wireless network system router from China's Gion Electronics TOTOLINK. The TOTOLINK T10 suffers from a buffer overflow vulnerability, which originates from the parameter desc of the function setWiFiScheduleCfg in the file /cgi-bin/cstecgi.cgi that fails to correctly validate the...
The vulnerability of the RebootSystem function in the /cgi-bin/cstecgi.cgi file of the TOTOLINK A720R router’s microprogramming software allows a hacker to circumvent existing security restrictions.
The vulnerability of the RebootSystem function in the /cgi-bin/cstecgi.cgi file of the TOTOLINK A720R router software is related to deficiencies in the authentication process. Exploiting this vulnerability allows an attacker to bypass existing security restrictions remotely...
CVE-2022-41525
TOTOLINK NR1800X V9.1.0u.6279B20210910 was discovered to contain a command injection vulnerability via the OpModeCfg function at /cgi-bin/cstecgi.cgi...
TOTOLINK EX1800T 安全漏洞
TOTOLINK EX1800T is a wireless repeater from China's Gion Electronics TOTOLINK. The TOTOLINK EX1800T suffers from an OS command injection vulnerability that originates from the setDmzCfg contained in /cgi-bin/cstecgi.cgi, and no details of the vulnerability are provided at this time...
CVE-2024-10966
A vulnerability, which was classified as critical, has been found in TOTOLINK X18 9.1.0cu.2024B20220329. Affected by this issue is some unknown functionality of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument enable leads to os command injection. The attack may be launched remotel...
The vulnerability of the setModifyVpnUser() function (/cgi-bin/cstecgi.cgi) in the TOTOLINK X5000R router software allows a hacker to execute any command they desire.
The vulnerability of the setModifyVpnUser function /cgi-bin/cstecgi.cgi in the TOTOLINK X5000R router software exists because measures to neutralize the special elements used in operating systems have not been taken. Exploiting this vulnerability allows a remote attacker to execute arbitrary...
TOTOLINK T10 安全漏洞
TOTOLINK T10 is a wireless network system router from China's Gion Electronics TOTOLINK. The TOTOLINK T10 suffers from a command injection vulnerability that stems from the parameter command in the file /cgi-bin/cstecgi.cgi that can lead to operating system command injection. No details of the...
CVE-2024-8575
A vulnerability was found in TOTOLINK AC1200 T8 4.1.5cu.861B20230220 and classified as critical. This issue affects the function setWiFiScheduleCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument desc leads to buffer overflow. The attack may be initiated remotely. The exploit h...
CVE-2024-7465
A vulnerability, which was classified as critical, was found in TOTOLINK CP450 4.1.0cu.747B20191224. Affected is the function loginauth of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument httphost leads to buffer overflow. It is possible to launch the attack remotely. The exploit h...
TOTOLINK CP900 安全漏洞
The TOTOLINK CP900 is a wireless router. The TOTOLINK CP900 suffers from a buffer overflow vulnerability that stems from improper handling of the File parameter in the UploadCustomModule function of the file /cgi-bin/cstecgi.cgi. An attacker can use this vulnerability to cause a crash of the...
TOTOLINK A3600R 操作系统命令注入漏洞
TOTOLINK A3600R is a 6-antenna 1200M wireless router manufactured by China's Gion Electronics TOTOLINK. The TOTOLINK A3600R suffers from an OS command injection vulnerability. The vulnerability originates in the /cgi-bin/cstecgi.cgi file stemming from improper handling of the ipDomain parameter. ...
TOTOLINK A3600R 安全漏洞
TOTOLINK A3600R is a 6-antenna 1200M wireless router from China's Gion Electronics TOTOLINK. The TOTOLINK A3600R suffers from a buffer overflow vulnerability that originates from improper handling of the comment parameter in the setIpQosRules function of the /cgi-bin/cstecgi.cgi file. An attacker...
TOTOLINK A3600R 安全漏洞
TOTOLINK A3600R is a 6-antenna 1200M wireless router from China's Gion Electronics TOTOLINK. The TOTOLINK A3600R suffers from a buffer overflow vulnerability that originates from the startTime/endTime parameter in the setParentalRules function of the /cgi-bin/cstecgi.cgi file that fails to...
PT-2024-5384 · Totolink · Totolink Cp900L
Name of the Vulnerable Software and Affected Versions: TOTOLINK CP900 version 6.3c.566 Description: A critical issue affects the UploadCustomModule function of the /cgi-bin/cstecgi.cgi file, related to a buffer overflow when handling the File parameter. This can be exploited remotely by sending a...
PT-2024-5477 · Totolink · Totolink Ex1200T
Name of the Vulnerable Software and Affected Versions: TOTOLINK EX1200L version 9.3.5u.6146 B20201023 Description: The issue is caused by a buffer overflow on the stack when processing the http host parameter in the loginauth function of the /cgi-bin/cstecgi.cgi file. This can be exploited by a...
PT-2024-9038 · Totolink · Totolink X18
Name of the Vulnerable Software and Affected Versions: TOTOLINK X18 version 9.1.0cu.2024 B20220329 Description: A critical issue has been found in the TOTOLINK X18, affecting some unknown functionality of the file /cgi-bin/cstecgi.cgi. The manipulation of the enable argument leads to os command...
TOTOLINK X5000R 安全漏洞
The TOTOLINK X5000R is a router from China's Gion Electronics TOTOLINK. A command injection vulnerability exists in the TOTOLINK X5000R port parameter, which originates from the port parameter of /cgi-bin/cstecgi.cgi failing to properly filter constructed command special characters, commands, and...