Lucene search
K

69 matches found

CVE
CVE
added 2025/10/27 6:32 a.m.20 views

CVE-2025-12240

CVE-2025-12240 is associated with TOTOLINK A3300R 17.0.0cu.557_B20221024. The vulnerability affects the function setDmzCfg in the file /cgi-bin/cstecgi.cgi, where manipulation of the ip argument leads to a buffer overflow. This can be exploited remotely; multiple sources describe a publicly discl...

9.8CVSS8.8AI score0.00753EPSS
Exploits1References5Affected Software1
NVD
NVD
added 2025/10/08 8:15 a.m.12 views

CVE-2025-11444

A security vulnerability has been detected in TOTOLINK N600R up to 4.3.0cu.7866B20220506. This impacts the function setWiFiBasicConfig of the file /cgi-bin/cstecgi.cgi of the component HTTP Request Handler. Such manipulation of the argument wepkey leads to buffer overflow. It is possible to launc...

9CVSS0.00958EPSS
Exploits1References6
CNNVD
CNNVD
added 2025/09/04 12:0 a.m.5 views

TOTOLINK N600R 命令注入漏洞

The TOTOLINK N600R is a dual-band wireless router launched by Korean brand TOTOLINK in 2013, supporting concurrent operation in the 2.4GHz and 5GHz bands with a maximum wireless transmission rate of 300Mbps. The TOTOLINK N600R suffers from a command injection vulnerability that originates from...

9.8CVSS7.5AI score0.02997EPSS
Exploits1References5
CNNVD
CNNVD
added 2025/06/16 12:0 a.m.3 views

TOTOLINK T10 安全漏洞

TOTOLINK T10 is a wireless network system router from China's Gion Electronics TOTOLINK. The TOTOLINK T10 suffers from a buffer overflow vulnerability, which originates from the parameter desc of the function setWiFiScheduleCfg in the file /cgi-bin/cstecgi.cgi that fails to correctly validate the...

9CVSS8.2AI score0.00775EPSS
Exploits1References6
BDU FSTEC
BDU FSTEC
added 2025/05/23 12:0 a.m.5 views

The vulnerability of the RebootSystem function in the /cgi-bin/cstecgi.cgi file of the TOTOLINK A720R router’s microprogramming software allows a hacker to circumvent existing security restrictions.

The vulnerability of the RebootSystem function in the /cgi-bin/cstecgi.cgi file of the TOTOLINK A720R router software is related to deficiencies in the authentication process. Exploiting this vulnerability allows an attacker to bypass existing security restrictions remotely...

5.3CVSS5.8AI score0.0096EPSS
Exploits1References3Affected Software1
RedhatCVE
RedhatCVE
added 2025/05/22 11:38 p.m.4 views

CVE-2022-41525

TOTOLINK NR1800X V9.1.0u.6279B20210910 was discovered to contain a command injection vulnerability via the OpModeCfg function at /cgi-bin/cstecgi.cgi...

9.8CVSS9.7AI score0.01799EPSS
Exploits1References1
CNNVD
CNNVD
added 2025/03/07 12:0 a.m.2 views

TOTOLINK EX1800T 安全漏洞

TOTOLINK EX1800T is a wireless repeater from China's Gion Electronics TOTOLINK. The TOTOLINK EX1800T suffers from an OS command injection vulnerability that originates from the setDmzCfg contained in /cgi-bin/cstecgi.cgi, and no details of the vulnerability are provided at this time...

9.8CVSS7.5AI score0.02481EPSS
Exploits1References7
OSV
OSV
added 2024/11/07 6:15 p.m.3 views

CVE-2024-10966

A vulnerability, which was classified as critical, has been found in TOTOLINK X18 9.1.0cu.2024B20220329. Affected by this issue is some unknown functionality of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument enable leads to os command injection. The attack may be launched remotel...

8.8CVSS5.6AI score
Exploits0References6
BDU FSTEC
BDU FSTEC
added 2024/10/02 12:0 a.m.4 views

The vulnerability of the setModifyVpnUser() function (/cgi-bin/cstecgi.cgi) in the TOTOLINK X5000R router software allows a hacker to execute any command they desire.

The vulnerability of the setModifyVpnUser function /cgi-bin/cstecgi.cgi in the TOTOLINK X5000R router software exists because measures to neutralize the special elements used in operating systems have not been taken. Exploiting this vulnerability allows a remote attacker to execute arbitrary...

9CVSS6AI score0.01661EPSS
Exploits1References3Affected Software1
CNNVD
CNNVD
added 2024/09/19 12:0 a.m.5 views

TOTOLINK T10 安全漏洞

TOTOLINK T10 is a wireless network system router from China's Gion Electronics TOTOLINK. The TOTOLINK T10 suffers from a command injection vulnerability that stems from the parameter command in the file /cgi-bin/cstecgi.cgi that can lead to operating system command injection. No details of the...

8.8CVSS7.6AI score0.04035EPSS
Exploits1References7
OSV
OSV
added 2024/09/08 5:15 p.m.7 views

CVE-2024-8575

A vulnerability was found in TOTOLINK AC1200 T8 4.1.5cu.861B20230220 and classified as critical. This issue affects the function setWiFiScheduleCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument desc leads to buffer overflow. The attack may be initiated remotely. The exploit h...

8.8CVSS6.3AI score0.01091EPSS
Exploits1References5
OSV
OSV
added 2024/08/05 2:16 a.m.3 views

CVE-2024-7465

A vulnerability, which was classified as critical, was found in TOTOLINK CP450 4.1.0cu.747B20191224. Affected is the function loginauth of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument httphost leads to buffer overflow. It is possible to launch the attack remotely. The exploit h...

9.8CVSS7.5AI score
Exploits0References4
CNNVD
CNNVD
added 2024/08/05 12:0 a.m.3 views

TOTOLINK CP900 安全漏洞

The TOTOLINK CP900 is a wireless router. The TOTOLINK CP900 suffers from a buffer overflow vulnerability that stems from improper handling of the File parameter in the UploadCustomModule function of the file /cgi-bin/cstecgi.cgi. An attacker can use this vulnerability to cause a crash of the...

9.8CVSS7.8AI score0.10978EPSS
Exploits1References5
CNNVD
CNNVD
added 2024/07/29 12:0 a.m.4 views

TOTOLINK A3600R 操作系统命令注入漏洞

TOTOLINK A3600R is a 6-antenna 1200M wireless router manufactured by China's Gion Electronics TOTOLINK. The TOTOLINK A3600R suffers from an OS command injection vulnerability. The vulnerability originates in the /cgi-bin/cstecgi.cgi file stemming from improper handling of the ipDomain parameter. ...

8.8CVSS7.5AI score0.03086EPSS
Exploits1References5
CNNVD
CNNVD
added 2024/07/29 12:0 a.m.4 views

TOTOLINK A3600R 安全漏洞

TOTOLINK A3600R is a 6-antenna 1200M wireless router from China's Gion Electronics TOTOLINK. The TOTOLINK A3600R suffers from a buffer overflow vulnerability that originates from improper handling of the comment parameter in the setIpQosRules function of the /cgi-bin/cstecgi.cgi file. An attacker...

9CVSS7.7AI score0.01091EPSS
Exploits1References5
CNNVD
CNNVD
added 2024/07/29 12:0 a.m.4 views

TOTOLINK A3600R 安全漏洞

TOTOLINK A3600R is a 6-antenna 1200M wireless router from China's Gion Electronics TOTOLINK. The TOTOLINK A3600R suffers from a buffer overflow vulnerability that originates from the startTime/endTime parameter in the setParentalRules function of the /cgi-bin/cstecgi.cgi file that fails to...

9CVSS8AI score0.01091EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2024/07/23 12:0 a.m.5 views

PT-2024-5384 · Totolink · Totolink Cp900L

Name of the Vulnerable Software and Affected Versions: TOTOLINK CP900 version 6.3c.566 Description: A critical issue affects the UploadCustomModule function of the /cgi-bin/cstecgi.cgi file, related to a buffer overflow when handling the File parameter. This can be exploited remotely by sending a...

9.8CVSS9AI score0.10978EPSS
Exploits1References8
Positive Technologies
Positive Technologies
added 2024/07/23 12:0 a.m.11 views

PT-2024-5477 · Totolink · Totolink Ex1200T

Name of the Vulnerable Software and Affected Versions: TOTOLINK EX1200L version 9.3.5u.6146 B20201023 Description: The issue is caused by a buffer overflow on the stack when processing the http host parameter in the loginauth function of the /cgi-bin/cstecgi.cgi file. This can be exploited by a...

9CVSS8.9AI score0.01203EPSS
Exploits1References13
Positive Technologies
Positive Technologies
added 2024/07/11 12:0 a.m.7 views

PT-2024-9038 · Totolink · Totolink X18

Name of the Vulnerable Software and Affected Versions: TOTOLINK X18 version 9.1.0cu.2024 B20220329 Description: A critical issue has been found in the TOTOLINK X18, affecting some unknown functionality of the file /cgi-bin/cstecgi.cgi. The manipulation of the enable argument leads to os command...

8.8CVSS7.1AI score0.03074EPSS
Exploits1References14
CNNVD
CNNVD
added 2024/05/14 12:0 a.m.2 views

TOTOLINK X5000R 安全漏洞

The TOTOLINK X5000R is a router from China's Gion Electronics TOTOLINK. A command injection vulnerability exists in the TOTOLINK X5000R port parameter, which originates from the port parameter of /cgi-bin/cstecgi.cgi failing to properly filter constructed command special characters, commands, and...

9.8CVSS7.7AI score0.02093EPSS
Exploits1References4
Rows per page
Query Builder