Lucene search
+L

313 matches found

ATTACKERKB
ATTACKERKB
added 2026/01/19 10:32 a.m.4 views

CVE-2026-1150

A security flaw has been discovered in Totolink LR350 9.3.5u.6369B20220309. Impacted is the function setTracerouteCfg of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. The manipulation of the argument command results in command injection. The attack can be launched remotely...

8.8CVSS5.4AI score0.0235EPSS
Exploits1References5Affected Software1
Vulnrichment
Vulnrichment
added 2026/01/19 10:32 a.m.5 views

CVE-2026-1150 Totolink LR350 POST Request cstecgi.cgi setTracerouteCfg command injection

A security flaw has been discovered in Totolink LR350 9.3.5u.6369B20220309. Impacted is the function setTracerouteCfg of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. The manipulation of the argument command results in command injection. The attack can be launched remotely...

6.5CVSS5.4AI score0.0235EPSS
Exploits1References5
Cvelist
Cvelist
added 2026/01/19 10:32 a.m.36 views

CVE-2026-1150 Totolink LR350 POST Request cstecgi.cgi setTracerouteCfg command injection

A security flaw has been discovered in Totolink LR350 9.3.5u.6369B20220309. Impacted is the function setTracerouteCfg of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. The manipulation of the argument command results in command injection. The attack can be launched remotely...

6.5CVSS0.0235EPSS
Exploits1References5
CVE
CVE
added 2026/01/19 10:32 a.m.21 views

CVE-2026-1150

Totolink LR350 9.3.5u.6369_B20220309 is affected. The vulnerability resides in the POST Request Handler’s setTracerouteCfg function in /cgi-bin/cstecgi.cgi, where manipulating the command argument leads to remote command injection. The exploit has been released publicly, enabling remote execution...

8.8CVSS5.4AI score0.0235EPSS
Exploits1References5Affected Software1
NVD
NVD
added 2026/01/19 10:16 a.m.11 views

CVE-2026-1149

A vulnerability was identified in Totolink LR350 9.3.5u.6369B20220309. This issue affects the function setDiagnosisCfg of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. The manipulation of the argument ip leads to command injection. The attack can be initiated remotely. The...

8.8CVSS0.02714EPSS
Exploits1References5
OSV
OSV
added 2026/01/19 10:16 a.m.8 views

CVE-2026-1149

A vulnerability was identified in Totolink LR350 9.3.5u.6369B20220309. This issue affects the function setDiagnosisCfg of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. The manipulation of the argument ip leads to command injection. The attack can be initiated remotely. The...

8.8CVSS5.7AI score0.02714EPSS
Exploits1References5
ATTACKERKB
ATTACKERKB
added 2026/01/19 10:2 a.m.4 views

CVE-2026-1149

A vulnerability was identified in Totolink LR350 9.3.5u.6369B20220309. This issue affects the function setDiagnosisCfg of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. The manipulation of the argument ip leads to command injection. The attack can be initiated remotely. The...

8.8CVSS5.3AI score0.02714EPSS
Exploits1References5Affected Software1
Cvelist
Cvelist
added 2026/01/19 10:2 a.m.38 views

CVE-2026-1149 Totolink LR350 POST Request cstecgi.cgi setDiagnosisCfg command injection

A vulnerability was identified in Totolink LR350 9.3.5u.6369B20220309. This issue affects the function setDiagnosisCfg of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. The manipulation of the argument ip leads to command injection. The attack can be initiated remotely. The...

6.5CVSS0.02714EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2026/01/19 10:2 a.m.5 views

CVE-2026-1149 Totolink LR350 POST Request cstecgi.cgi setDiagnosisCfg command injection

A vulnerability was identified in Totolink LR350 9.3.5u.6369B20220309. This issue affects the function setDiagnosisCfg of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. The manipulation of the argument ip leads to command injection. The attack can be initiated remotely. The...

6.5CVSS6.4AI score0.02714EPSS
Exploits1References5
CVE
CVE
added 2026/01/19 10:2 a.m.42 views

CVE-2026-1149

CVE-2026-1149 affects Totolink LR350; the flaw is in the POST Request Handler’s /cgi-bin/cstecgi.cgi, in the setDiagnosisCfg function. Crafted input to the ip argument enables remote command injection. Exploit is publicly available and could be used, per sources. Affected version: 9.3.5u.6369_B20...

8.8CVSS5.4AI score0.02714EPSS
Exploits1References5Affected Software1
CNNVD
CNNVD
added 2026/01/19 12:0 a.m.8 views

TOTOLINK LR350 Command Injection Vulnerability

TOTOLINK LR350 is a wireless router produced by TOTOLINK Corporation. The TOTOLINK LR350 9.3.5u.6369B20220309 version contains a command injection vulnerability. This vulnerability arises from incorrect handling of the parameter “command” in the file /cgi-bin/cstecgi.cgi, which may lead to comman...

8.8CVSS6.6AI score0.0235EPSS
Exploits1References5
CNNVD
CNNVD
added 2026/01/19 12:0 a.m.9 views

TOTOLINK LR350 security vulnerabilities

TOTOLINK LR350 is a wireless router produced by TOTOLINK Corporation. The TOTOLINK LR350 9.3.5u.6369B20220309 version contains a security vulnerability. This vulnerability stems from incorrect handling of the parameter “ssid” in the file /cgi-bin/cstecgi.cgi, which may lead to a buffer overflow...

9CVSS7.7AI score0.00885EPSS
Exploits1References5
CNNVD
CNNVD
added 2026/01/19 12:0 a.m.9 views

TOTOLINK LR350 security vulnerabilities

TOTOLINK LR350 is a wireless router produced by TOTOLINK Corporation. The TOTOLINK LR350 9.3.5u.6369B20220309 version contains a security vulnerability. This vulnerability stems from incorrect handling of the parameter “ssid” in the file /cgi-bin/cstecgi.cgi, which may lead to a buffer overflow...

9CVSS7.7AI score0.00794EPSS
Exploits1References5
CNNVD
CNNVD
added 2026/01/19 12:0 a.m.10 views

TOTOLINK LR350 Command Injection Vulnerability

TOTOLINK LR350 is a wireless router produced by TOTOLINK Corporation. The TOTOLINK LR350 9.3.5u.6369B20220309 version has a command injection vulnerability. This vulnerability stems from incorrect handling of the parameter “ip” in the file /cgi-bin/cstecgi.cgi, which may lead to command injection...

8.8CVSS6.6AI score0.02714EPSS
Exploits1References5
CNNVD
CNNVD
added 2026/01/19 12:0 a.m.7 views

TOTOLINK LR350 security vulnerabilities

TOTOLINK LR350 is a wireless router produced by TOTOLINK Corporation. The TOTOLINK LR350 9.3.5u.6369B20220309 version contains a security vulnerability. This vulnerability stems from incorrect handling of the parameter “ssid” in the file /cgi-bin/cstecgi.cgi, which may lead to a buffer overflow...

9CVSS7.7AI score0.00632EPSS
Exploits1References5
CNNVD
CNNVD
added 2026/01/19 12:0 a.m.6 views

TOTOLINK LR350 security vulnerabilities

TOTOLINK LR350 is a wireless router produced by TOTOLINK Corporation. The TOTOLINK LR350 9.3.5u.6369B20220309 version contains a security vulnerability. This vulnerability stems from incorrect handling of the parameter “ssid” in the file /cgi-bin/cstecgi.cgi, which may lead to a buffer overflow...

9CVSS7.7AI score0.00619EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2026/01/10 12:0 a.m.12 views

PT-2026-3417

Name of the Vulnerable Software and Affected Versions Totolink LR350 version 9.3.5u.6369 B20220309 Description A security flaw exists in Totolink LR350. The issue affects the setWizardCfg function within the /cgi-bin/cstecgi.cgi file, specifically in the POST Request Handler component. Manipulati...

9CVSS7.6AI score0.00632EPSS
Exploits1References14
Positive Technologies
Positive Technologies
added 2026/01/10 12:0 a.m.5 views

PT-2026-3439

Name of the Vulnerable Software and Affected Versions Totolink LR350 version 9.3.5u.6369 B20220309 Description A buffer overflow issue exists in the setWiFiEasyGuestCfg function located in the /cgi-bin/cstecgi.cgi file. The manipulation of the ssid argument can trigger this issue, potentially...

9CVSS8AI score0.00794EPSS
Exploits1References14
Positive Technologies
Positive Technologies
added 2026/01/10 12:0 a.m.9 views

PT-2026-3416

Name of the Vulnerable Software and Affected Versions Totolink LR350 version 9.3.5u.6369 B20220309 Description A flaw exists in the setWiFiEasyCfg function within the /cgi-bin/cstecgi.cgi file of the software. This issue stems from a buffer overflow that occurs when processing the ssid parameter...

9CVSS7.5AI score0.00885EPSS
Exploits1References14
Positive Technologies
Positive Technologies
added 2026/01/10 12:0 a.m.8 views

PT-2026-3440

Name of the Vulnerable Software and Affected Versions Totolink LR350 version 9.3.5u.6369 B20220309 Description A flaw exists in the setWiFiBasicCfg function within the /cgi-bin/cstecgi.cgi file of the affected software. This issue is a buffer overflow that occurs when processing the ssid paramete...

9CVSS7.4AI score0.00619EPSS
Exploits1References14
Rows per page
Query Builder