Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2026/02/24 1:44 a.m.7 views

CVE-2025-70327

TOTOLINK X5000R v9.1.0cu2415B20250515 contains an argument injection vulnerability in the setDiagnosisCfg handler of the /usr/sbin/lighttpd executable. The ip parameter is retrieved via websGetVar and passed to a ping command through CsteSystem without validating if the input starts with a hyphen...

9.8CVSS5.7AI score0.00693EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/01/19 10:2 a.m.35 views

CVE-2026-1149 Totolink LR350 POST Request cstecgi.cgi setDiagnosisCfg command injection

A vulnerability was identified in Totolink LR350 9.3.5u.6369B20220309. This issue affects the function setDiagnosisCfg of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. The manipulation of the argument ip leads to command injection. The attack can be initiated remotely. The...

6.5CVSS0.02714EPSS
Exploits1References5
CNVD
CNVD
added 2024/01/30 12:0 a.m.5 views

TOTOLINK N200RE command parameter buffer overflow vulnerability

The TOTOLINK N200RE is a wireless router for the SOHO market. The TOTOLINK N200RE suffers from a buffer overflow vulnerability that originates from a stack-based buffer overflow in the command parameter of the setDiagnosisCfg function of /cgi-bin/cstecgi.cgi. No detailed vulnerability details are...

8.8CVSS7.5AI score0.0125EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2022/11/23 12:0 a.m.7 views

PT-2022-27152 · Totolink · Totolink Lr350

Name of the Vulnerable Software and Affected Versions: TOTOLINK LR350 version 9.3.5u.6369 B20220309 Description: The issue is a post-authentication buffer overflow that occurs via the ip parameter in the setDiagnosisCfg function. This allows for potential exploitation after authentication has bee...

8.8CVSS7.6AI score0.0211EPSS
Exploits1References5
CNNVD
CNNVD
added 2022/08/25 12:0 a.m.5 views

TOTOLINK N350RT 缓冲区错误漏洞

The TOTOLINK N350RT is a small home router from China's Gion Electronics TOTOLINK. A security vulnerability exists in the TOTOLINK N350RT version V9.3.5u.6139B20201216, which stems from a stack overflow issue in the setDiagnosisCfg method...

7.8CVSS5.5AI score0.00331EPSS
Exploits1References2
Rows per page
Query Builder