CVE-2022-26209

Totolink A830R V5.9c.4729B20191112, A3100R V4.1.2cu.5050B20200504, A950RG V4.1.2cu.5161B20200903, A800R V4.1.2cu.5137B20200730, A3000RU V5.9c.5185B20201128, and A810R V4.1.2cu.5182B20201026 were discovered to contain a command injection vulnerability in the function setUploadSetting, via the...

CVE-2022-26210

CVE-2022-26210 is a command-injection vulnerability in Totolink routers (A830R, A3100R, A950RG, A800R, A3000RU, A810R) in the setUpgradeFW function, exploitable via the FileName parameter. The affected firmware variants (e.g., A830R V5.9c.4729_B20191112, A3100R V4.1.2cu.5050_B20200504, A950RG V4....

EUVD-2022-30774

Totolink A830R V5.9c.4729B20191112, A3100R V4.1.2cu.5050B20200504, A950RG V4.1.2cu.5161B20200903, A800R V4.1.2cu.5137B20200730, A3000RU V5.9c.5185B20201128, and A810R V4.1.2cu.5182B20201026 were discovered to contain a command injection vulnerability in the function setUpgradeFW, via the FileName...

CVE-2022-26210

Totolink A830R V5.9c.4729B20191112, A3100R V4.1.2cu.5050B20200504, A950RG V4.1.2cu.5161B20200903, A800R V4.1.2cu.5137B20200730, A3000RU V5.9c.5185B20201128, and A810R V4.1.2cu.5182B20201026 were discovered to contain a command injection vulnerability in the function setUpgradeFW, via the FileName...

USN-5327-1 netkit-rsh vulnerability

Hiroyuki Yamamori discovered that rsh incorrectly handled certain filenames. If a user or automated system were tricked into connecting to a malicious rsh server, a remote attacker could possibly use this issue to modify directory permissions...

PT-2022-3854 · Totolink · Totolink A3100R +5

Name of the Vulnerable Software and Affected Versions: TOTOLINK A800R version 4.1.2cu.5137 B20200730 TOTOLINK A810R version 4.1.2cu.5182 B20201026 TOTOLINK A830R version 5.9c.4729 B20191112 TOTOLINK A3000RU version 5.9c.5185 B20201128 TOTOLINK A3100R version 4.1.2cu.5050 B20200504 TOTOLINK A950RG...

Insecure File Upload

freetakserverui has insecure file upload. The vulnerability exists due to an issue in the filename= argument of the route /DataPackageTable which allows an attacker to place arbitrary files anywhere on the system...

Out-of-Bounds Read

pjproject is vulnerable to out of bounds read. The vulnerability exists due to a lack of validation of filename allowing an attacker to read out of bounds when the filename is shorter than 4 characters...

CVE-2022-25511

An issue in the ?filename= argument of the route /DataPackageTable in FreeTAKServer-UI v1.9.8 allows attackers to place arbitrary files anywhere on the system...

GHSA-6H3M-36W8-HV68 Arbitrary file write in nats-server

This document is canonically: Background NATS.io is a high performance open source pub-sub distributed communication technology, built for the cloud, on-premise, IoT, and edge computing. JetStream is the optional RAFT-based resilient persistent feature of NATS. Problem Description The JetStream...

golang: archive/zip: Reader.Open panics on empty string

A vulnerability was found in archive/zip of the Go standard library. Applications written in Go where Reader.Open the API implementing io/fs.FS introduced in Go 1.16 can panic when parsing a crafted ZIP archive containing completely invalid names or an empty filename argument...

Apache mod_negotiation Alternative Filename Disclosure

Apache web server configured with modnegotiation and Multiviews enabled may, on receipt of a crafted invalid request with a extension-less filename return a pseudo directory listing of matching resources with known mime types. This feature may be abused by attackers to discover hidden resources o...

CVE-2022-0442

The UsersWP WordPress plugin before 1.2.3.1 is missing access controls when updating a user avatar, and does not make sure file names for user avatars are unique, allowing a logged in user to overwrite another users avatar...

Church Admin < 3.4.135 - Unauthenticated Plugin's Backup Disclosure

The plugin does not have authorisation and CSRF in some of its action as well as requested files, allowing unauthenticated attackers to repeatedly request the "refresh-backup" action, and simultaneously keep requesting a publicly accessible temporary file generated by the plugin in order to...

CVE-2022-26315

qrcp through 0.8.4, in receive mode, allows ../ Directory Traversal via the file name specified by the uploader...

PT-2022-17033 · Kde +2 · Kde Kcron +2

Name of the Vulnerable Software and Affected Versions: KDE KCron versions prior to 21.12.3 Description: The issue allows an attacker to potentially intercept a temporary file and run unauthorized commands. This is due to the reuse of a filename in the /tmp directory during an editing session...

CVE-2022-25098

ECTouch v2 suffers from arbitrary file deletion due to insufficient filtering of the filename parameter...

CVE-2022-25098

ECTouch v2 suffers from arbitrary file deletion due to insufficient filtering of the filename parameter...

CVE-2022-25098

ECTouch v2 suffers from arbitrary file deletion due to insufficient filtering of the filename parameter...

Arbitrary file deletion

ECTouch v2 suffers from arbitrary file deletion due to insufficient filtering of the filename parameter...