Lucene search
K

14 matches found

EUVD
EUVD
added 2026/05/24 2:30 p.m.11 views

EUVD-2026-31544

A weakness has been identified in Totolink A8000RU 7.1cu.643b20200521. The impacted element is the function setScheduleCfg of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. Executing a manipulation of the argument mode can lead to os command injection. It is possible to...

10CVSS7.1AI score0.0209EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/04/07 11:1 p.m.4 views

CVE-2026-5678

A weakness has been identified in Totolink A7100RU 7.4cu.2313b20191024. The affected element is the function setScheduleCfg of the file /cgi-bin/cstecgi.cgi. Executing a manipulation of the argument mode can lead to os command injection. The attack may be launched remotely. The exploit has been...

7.5CVSS6.8AI score0.0114EPSS
Exploits0References1
CVE
CVE
added 2026/02/21 4:32 p.m.20 views

CVE-2026-2873

CVE-2026-2873 affects Tenda A21 firmware (1.0.0.0) where the setSchedWifi function in /goform/openSchedWifi is vulnerable to a stack-based buffer overflow caused by manipulated schedStartTime/schedEndTime arguments. The vulnerability can be triggered remotely, and the exploit is public (exploit m...

9CVSS6.4AI score0.00568EPSS
Exploits1References5Affected Software1
OSV
OSV
added 2025/10/27 10:15 a.m.4 views

CVE-2025-12259

A flaw has been found in TOTOLINK A3300R 17.0.0cu.557B20221024. The affected element is the function setScheduleCfg of the file /cgi-bin/cstecgi.cgi of the component POST Parameter Handler. This manipulation of the argument recHour causes stack-based buffer overflow. It is possible to initiate th...

8.7CVSS6.3AI score0.0093EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2025/10/27 10:2 a.m.5 views

CVE-2025-12259 TOTOLINK A3300R POST Parameter cstecgi.cgi setScheduleCfg stack-based overflow

A flaw has been found in TOTOLINK A3300R 17.0.0cu.557B20221024. The affected element is the function setScheduleCfg of the file /cgi-bin/cstecgi.cgi of the component POST Parameter Handler. This manipulation of the argument recHour causes stack-based buffer overflow. It is possible to initiate th...

9CVSS8.8AI score0.0093EPSS
Exploits1References5
Cvelist
Cvelist
added 2025/10/27 10:2 a.m.6 views

CVE-2025-12259 TOTOLINK A3300R POST Parameter cstecgi.cgi setScheduleCfg stack-based overflow

A flaw has been found in TOTOLINK A3300R 17.0.0cu.557B20221024. The affected element is the function setScheduleCfg of the file /cgi-bin/cstecgi.cgi of the component POST Parameter Handler. This manipulation of the argument recHour causes stack-based buffer overflow. It is possible to initiate th...

9CVSS0.0093EPSS
Exploits1References5
CNNVD
CNNVD
added 2025/10/27 12:0 a.m.4 views

TOTOLINK A3300R 安全漏洞

TOTOLINK A3300R is a dual-band wireless router manufactured by China's Gion Electronics TOTOLINK, mainly used for home and small network environments. The TOTOLINK A3300R suffers from a stack buffer overflow vulnerability that originates from the parameter recHour of the setScheduleCfg function o...

9CVSS8.1AI score0.0093EPSS
Exploits1References5
RedhatCVE
RedhatCVE
added 2025/08/17 9:24 a.m.15 views

CVE-2025-9023

A vulnerability has been found in Tenda AC7 and AC18 15.03.05.19/15.03.06.44. Affected is the function formSetSchedLed of the file /goform/SetLEDCfg. The manipulation of the argument Time leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the...

9CVSS7.4AI score0.00739EPSS
Exploits1References1
BDU FSTEC
BDU FSTEC
added 2025/05/23 12:0 a.m.5 views

The vulnerability of the setScheduleCfg function in the /cgi-bin/cstecgi.cgi file of the TOTOLINK A3700R wireless router software allows a attacker to cause a service failure.

The vulnerability of the setScheduleCfg function in the /cgi-bin/cstecgi.cgi file of the TOTOLINK A3700R wireless router software is related to access control deficiencies. Exploiting this vulnerability could allow a malicious actor to cause service interruptions by sending a specially crafted PO...

5.3CVSS5.9AI score0.01109EPSS
Exploits1References6Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/04/30 12:0 a.m.6 views

The vulnerability of the setScheduleCfg function in the microprogramming software for TOTOLINK X5000R allows a hacker to execute arbitrary commands.

The vulnerability of the setScheduleCfg function in TOTOLINK X5000R router microprogramming software exists due to the lack of measures to neutralize special elements. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands by manipulating the week parameter...

9CVSS8.4AI score0.01573EPSS
Exploits1References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/04/30 12:0 a.m.6 views

The vulnerability of the setScheduleCfg function in the microprogramming software for TOTOLINK X5000R allows a hacker to execute arbitrary commands.

The vulnerability of the setScheduleCfg function in TOTOLINK X5000R router microprogramming software exists due to the lack of measures to neutralize special elements. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands by manipulating the switch parameter...

9CVSS8.4AI score0.01573EPSS
Exploits1References2Affected Software1
CNNVD
CNNVD
added 2025/01/15 12:0 a.m.4 views

TOTOLINK X5000R 安全漏洞

The TOTOLINK X5000R is a router from China's Gion Electronics TOTOLINK. The TOTOLINK X5000R suffers from a command injection vulnerability that stems from the "minute" parameter in setScheduleCfg failing to properly filter constructed command special characters, commands, etc. This vulnerability...

8.8CVSS9.3AI score0.01708EPSS
Exploits1References3
CNNVD
CNNVD
added 2025/01/15 12:0 a.m.5 views

TOTOLINK X5000R 安全漏洞

The TOTOLINK X5000R is a router from China's Gion Electronics TOTOLINK. A command injection vulnerability exists in the TOTOLINK X5000R version V9.1.0cu.2350B20230313, which stems from the "hour" parameter in setScheduleCfg failing to correctly filter constructed command special characters,...

8.8CVSS9.4AI score0.01573EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2024/01/11 12:0 a.m.5 views

PT-2024-19653 · Totolink · Totolink A3300R

Name of the Vulnerable Software and Affected Versions: TOTOLINK A3300R version V17.0.0cu.557 B20221024 Description: A command injection issue was found via the minute parameter in the setScheduleCfg function. This allows for potential exploitation. Recommendations: For TOTOLINK A3300R version...

9.8CVSS9.6AI score0.01728EPSS
Exploits1References4
Rows per page
Query Builder