64 matches found
PT-2024-1580 · Totolink · Totolink N350Rt
Name of the Vulnerable Software and Affected Versions: Totolink N350RT version 9.3.5u.6139 B202012 Description: The issue is related to a stack-based buffer overflow in the loginAuth function of the /cgi-bin/cstecgi.cgi file. This can be exploited by manipulating the http host argument, allowing ...
CVE-2023-36950
TOTOLINK X5000R V9.1.0u.6118B20201102 and TOTOLINK A7000R V9.1.0u.6115B20201022 was discovered to contain a stack overflow via the httphost parameter in the function loginAuth...
CVE-2023-36340
TOTOLINK NR1800X V9.1.0u.6279B20210910 was discovered to contain a stack overflow via the httphost parameter in the function loginAuth...
Milesight MilesightVPN requestHandlers.js LoginAuth SQL injection vulnerability
Talos Vulnerability Report TALOS-2023-1701 Milesight MilesightVPN requestHandlers.js LoginAuth SQL injection vulnerability July 6, 2023 CVE Number CVE-2023-22319 SUMMARY A sql injection vulnerability exists in the requestHandlers.js LoginAuth functionality of Milesight VPN v2.0.2. A...