EUVD-2022-36059

Malicious code in bioql PyPI...

CVE-2024-31815

In TOTOLINK EX200 V4.0.3c.7314B20191204, an attacker can obtain the configuration file without authorization through /cgi-bin/ExportSettings.sh...

CVE-2022-32993

TOTOLINK A7000R V4.1cu.4134 was discovered to contain an access control issue via /cgi-bin/ExportSettings.sh...

TOTOLINK N350RT Access Control Error Vulnerability

The TOTOLINK N350RT is a small home router from China's Gion Electronics TOTOLINK. The TOTOLINK N350RT suffers from an Access Control Error vulnerability that originates from an Access Control Error vulnerability contained in the /cgi-bin/ExportSettings.sh file. No details of the vulnerability ar...

CVE-2024-42966

Incorrect access control in TOTOLINK N350RT V9.3.5u.6139B20201216 allows attackers to obtain the apmib configuration file, which contains the username and the password, via a crafted request to /cgi-bin/ExportSettings.sh...

CVE-2024-7156 TOTOLINK A3700R apmib Configuration ExportSettings.sh information disclosure

A vulnerability was found in TOTOLINK A3700R 9.1.2u.5822B20200513 and classified as problematic. Affected by this issue is some unknown functionality of the file /cgi-bin/ExportSettings.sh of the component apmib Configuration Handler. The manipulation leads to information disclosure. The attack m...

CVE-2024-7156 TOTOLINK A3700R apmib Configuration ExportSettings.sh information disclosure

A vulnerability was found in TOTOLINK A3700R 9.1.2u.5822B20200513 and classified as problematic. Affected by this issue is some unknown functionality of the file /cgi-bin/ExportSettings.sh of the component apmib Configuration Handler. The manipulation leads to information disclosure. The attack m...

TOTOLINK A3700R 信息泄露漏洞

The TOTOLINK A3700R is a wireless router from China's Gion Electronics TOTOLINK. The TOTOLINK A3700R suffers from an information disclosure vulnerability that originates in the /cgi-bin/ExportSettings.sh file of the apmib Configuration Handler component, which is not sufficiently protected agains...

CVE-2024-31815

TOTOLINK EX200, version 4.0.3c.7314_B20191204, is exposed to an unauthorized disclosure of the device configuration via the /cgi-bin/ExportSettings.sh API endpoint. Multiple sources (CVE record, Red Hat security entry, CNVD/CNNVD summaries) align on a vulnerability described as improper privilege...

CVE-2024-31815

In TOTOLINK EX200 V4.0.3c.7314B20191204, an attacker can obtain the configuration file without authorization through /cgi-bin/ExportSettings.sh...

PT-2025-51744

Name of the Vulnerable Software and Affected Versions D-Link DAP-1325 firmware version 1.01 Description The device has a flaw in access control that permits unauthenticated attackers to obtain device configuration settings without needing to authenticate. Attackers can access the...

TOTOLINK A7000R Access Control Error Vulnerability

TOTOLINK A7000R is a wireless router from China's Gion Electronics TOTOLINK that supports WiFi7 technology for home or small business network environments. The TOTOLINK A7000R suffers from an access control vulnerability that stems from improper access control in its /cgi-bin/ExportSettings.sh...

CVE-2022-32993

TOTOLINK A7000R V4.1cu.4134 was discovered to contain an access control issue via /cgi-bin/ExportSettings.sh...

CVE-2022-32993

CVE-2022-32993 affects TOTOLINK A7000R (version 4.1cu.4134). The issue is an access control flaw in the /cgi-bin/ExportSettings.sh endpoint, enabling unauthorized access. NVD reports a high-severity (CRITICAL) impact (C/H, I/H, A/H) with CVSS 3.1 base score 9.8. Some sources describe the vulnerab...

CVE-2022-32993

TOTOLINK A7000R V4.1cu.4134 was discovered to contain an access control issue via /cgi-bin/ExportSettings.sh...

CVE-2022-32429

An authentication-bypass issue in the component http://MYDEVICEIP/cgi-bin-sdb/ExportSettings.sh of Mega System Technologies Inc MSNSwitch MNT.2408 allows unauthenticated attackers to arbitrarily configure settings within the application, leading to remote code execution...

PT-2022-21316 · Mega System Technologies Inc · Msnswitch Mnt.2408

Name of the Vulnerable Software and Affected Versions: Mega System Technologies Inc MSNSwitch MNT.2408 Description: An authentication-bypass issue in the component http://MYDEVICEIP/cgi-bin-sdb/ExportSettings.sh allows unauthenticated attackers to arbitrarily configure settings within the...