152 matches found
CVE-2021-42888
TOTOLINK EX1200T V4.1.2cu.5215 contains a remote command injection vulnerability in function setLanguageCfg of the file global.so which can control langType to attack...
PT-2022-11732 · Totolink · Totolink Ex1200T
Name of the Vulnerable Software and Affected Versions: TOTOLINK EX1200T version 4.1.2cu.5215 Description: The issue is a remote command injection vulnerability in the setLanguageCfg function of the global.so file. This vulnerability allows an attacker to control the langType variable to launch an...
TOTOLINK N600R Command Injection Vulnerability (CNVD-2022-5355)
TOTOLINK N600R is a wireless router from Taiwan-based TOTOLINK Electronics, Inc. A command injection vulnerability exists in TOTOLINK N600R, which can be exploited by attackers to conduct command injection attacks via the lagtype parameter in /setting/setLanguageCfg...
CVE-2022-28906
TOTOLink N600R V5.3c.7159B20190425 was discovered to contain a command injection vulnerability via the langtype parameter in /setting/setLanguageCfg...
CVE-2022-28906
TOTOLink N600R V5.3c.7159B20190425 was discovered to contain a command injection vulnerability via the langtype parameter in /setting/setLanguageCfg...
CVE-2022-28906
TOTOLink N600R V5.3c.7159B20190425 was discovered to contain a command injection vulnerability via the langtype parameter in /setting/setLanguageCfg...
Command injection
TOTOLink N600R V5.3c.7159B20190425 was discovered to contain a command injection vulnerability via the langtype parameter in /setting/setLanguageCfg...
CVE-2022-28906
Summary: CVE-2022-28906 affects TOTOLink N600R routers (V5.3c.7159_B20190425). A command-injection vulnerability exists in the /setting/setLanguageCfg API endpoint, exploitable via the langtype parameter. The issue allows an attacker to potentially execute arbitrary commands on the device, with n...
CVE-2022-28906
TOTOLink N600R V5.3c.7159B20190425 was discovered to contain a command injection vulnerability via the langtype parameter in /setting/setLanguageCfg...
CVE-2022-26206
Totolink A830R V5.9c.4729B20191112, A3100R V4.1.2cu.5050B20200504, A950RG V4.1.2cu.5161B20200903, A800R V4.1.2cu.5137B20200730, A3000RU V5.9c.5185B20201128, and A810R V4.1.2cu.5182B20201026 were discovered to contain a command injection vulnerability in the function setLanguageCfg, via the langTy...
CVE-2022-26206
Totolink A830R V5.9c.4729B20191112, A3100R V4.1.2cu.5050B20200504, A950RG V4.1.2cu.5161B20200903, A800R V4.1.2cu.5137B20200730, A3000RU V5.9c.5185B20201128, and A810R V4.1.2cu.5182B20201026 were discovered to contain a command injection vulnerability in the function setLanguageCfg, via the langTy...
Command injection
Totolink A830R V5.9c.4729B20191112, A3100R V4.1.2cu.5050B20200504, A950RG V4.1.2cu.5161B20200903, A800R V4.1.2cu.5137B20200730, A3000RU V5.9c.5185B20201128, and A810R V4.1.2cu.5182B20201026 were discovered to contain a command injection vulnerability in the function setLanguageCfg, via the langTy...