14 matches found
EUVD-2026-31544
A weakness has been identified in Totolink A8000RU 7.1cu.643b20200521. The impacted element is the function setScheduleCfg of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. Executing a manipulation of the argument mode can lead to os command injection. It is possible to...
CVE-2026-5678
A weakness has been identified in Totolink A7100RU 7.4cu.2313b20191024. The affected element is the function setScheduleCfg of the file /cgi-bin/cstecgi.cgi. Executing a manipulation of the argument mode can lead to os command injection. The attack may be launched remotely. The exploit has been...
CVE-2026-2873
CVE-2026-2873 affects Tenda A21 firmware (1.0.0.0) where the setSchedWifi function in /goform/openSchedWifi is vulnerable to a stack-based buffer overflow caused by manipulated schedStartTime/schedEndTime arguments. The vulnerability can be triggered remotely, and the exploit is public (exploit m...
CVE-2025-12259
A flaw has been found in TOTOLINK A3300R 17.0.0cu.557B20221024. The affected element is the function setScheduleCfg of the file /cgi-bin/cstecgi.cgi of the component POST Parameter Handler. This manipulation of the argument recHour causes stack-based buffer overflow. It is possible to initiate th...
CVE-2025-12259 TOTOLINK A3300R POST Parameter cstecgi.cgi setScheduleCfg stack-based overflow
A flaw has been found in TOTOLINK A3300R 17.0.0cu.557B20221024. The affected element is the function setScheduleCfg of the file /cgi-bin/cstecgi.cgi of the component POST Parameter Handler. This manipulation of the argument recHour causes stack-based buffer overflow. It is possible to initiate th...
CVE-2025-12259 TOTOLINK A3300R POST Parameter cstecgi.cgi setScheduleCfg stack-based overflow
A flaw has been found in TOTOLINK A3300R 17.0.0cu.557B20221024. The affected element is the function setScheduleCfg of the file /cgi-bin/cstecgi.cgi of the component POST Parameter Handler. This manipulation of the argument recHour causes stack-based buffer overflow. It is possible to initiate th...
TOTOLINK A3300R 安全漏洞
TOTOLINK A3300R is a dual-band wireless router manufactured by China's Gion Electronics TOTOLINK, mainly used for home and small network environments. The TOTOLINK A3300R suffers from a stack buffer overflow vulnerability that originates from the parameter recHour of the setScheduleCfg function o...
CVE-2025-9023
A vulnerability has been found in Tenda AC7 and AC18 15.03.05.19/15.03.06.44. Affected is the function formSetSchedLed of the file /goform/SetLEDCfg. The manipulation of the argument Time leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the...
The vulnerability of the setScheduleCfg function in the /cgi-bin/cstecgi.cgi file of the TOTOLINK A3700R wireless router software allows a attacker to cause a service failure.
The vulnerability of the setScheduleCfg function in the /cgi-bin/cstecgi.cgi file of the TOTOLINK A3700R wireless router software is related to access control deficiencies. Exploiting this vulnerability could allow a malicious actor to cause service interruptions by sending a specially crafted PO...
The vulnerability of the setScheduleCfg function in the microprogramming software for TOTOLINK X5000R allows a hacker to execute arbitrary commands.
The vulnerability of the setScheduleCfg function in TOTOLINK X5000R router microprogramming software exists due to the lack of measures to neutralize special elements. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands by manipulating the week parameter...
The vulnerability of the setScheduleCfg function in the microprogramming software for TOTOLINK X5000R allows a hacker to execute arbitrary commands.
The vulnerability of the setScheduleCfg function in TOTOLINK X5000R router microprogramming software exists due to the lack of measures to neutralize special elements. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands by manipulating the switch parameter...
TOTOLINK X5000R 安全漏洞
The TOTOLINK X5000R is a router from China's Gion Electronics TOTOLINK. The TOTOLINK X5000R suffers from a command injection vulnerability that stems from the "minute" parameter in setScheduleCfg failing to properly filter constructed command special characters, commands, etc. This vulnerability...
TOTOLINK X5000R 安全漏洞
The TOTOLINK X5000R is a router from China's Gion Electronics TOTOLINK. A command injection vulnerability exists in the TOTOLINK X5000R version V9.1.0cu.2350B20230313, which stems from the "hour" parameter in setScheduleCfg failing to correctly filter constructed command special characters,...
PT-2024-19653 · Totolink · Totolink A3300R
Name of the Vulnerable Software and Affected Versions: TOTOLINK A3300R version V17.0.0cu.557 B20221024 Description: A command injection issue was found via the minute parameter in the setScheduleCfg function. This allows for potential exploitation. Recommendations: For TOTOLINK A3300R version...