CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

54 matches found

RedhatCVE•added 2026/05/26 8:14 p.m.•8 views

CVE-2026-9388

A weakness has been identified in Totolink A8000RU 7.1cu.643b20200521. The impacted element is the function setScheduleCfg of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. Executing a manipulation of the argument mode can lead to os command injection. It is possible to...

10CVSS7.1AI score0.01254EPSS

Exploits0References1

NVD•added 2026/05/24 3:16 p.m.•9 views

CVE-2026-9388

10CVSS0.01254EPSS

Exploits0References5

CVE•added 2026/05/24 2:30 p.m.•10 views

CVE-2026-9388

Totolink A8000RU Web Management (CVE-2026-9388) affects the /cgi-bin/cstecgi.cgi setScheduleCfg function. The vulnerability arises from manipulating the mode argument, enabling os command injection with remote access. Impact is high for confidentiality, integrity, and availability per CVSS metric...

10CVSS7.1AI score0.01254EPSS

Exploits0References5

ATTACKERKB•added 2026/05/24 2:30 p.m.•8 views

CVE-2026-9388

10CVSS7.1AI score0.01254EPSS

Exploits0References5Affected Software1

Cvelist•added 2026/05/24 2:30 p.m.•11 views

CVE-2026-9388 Totolink A8000RU Web Management cstecgi.cgi setScheduleCfg os command injection

10CVSS0.01254EPSS

Exploits0References5

CNNVD•added 2026/05/24 12:0 a.m.•6 views

TOTOLINK A8000RU 操作系统命令注入漏洞

TOTOLINK A8000RU is a wireless router produced by TOTOLINK, a Chinese company. The TOTOLINK A8000RU 7.1cu.643b20200521 version contains a vulnerability related to operating system command injection. This vulnerability stems from improper handling of the mode parameter in the setScheduleCfg functi...

10CVSS7.3AI score0.01254EPSS

Exploits0References5

Positive Technologies•added 2026/05/24 12:0 a.m.•9 views

PT-2026-42957

A weakness has been identified in Totolink A8000RU 7.1cu.643 b20200521. The impacted element is the function setScheduleCfg of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. Executing a manipulation of the argument mode can lead to os command injection. It is possible to...

10CVSS7.1AI score0.01254EPSS

Exploits0References5

EUVD•added 2026/04/06 9:31 p.m.•0 views

EUVD-2026-19462

A weakness has been identified in Totolink A7100RU 7.4cu.2313b20191024. The affected element is the function setScheduleCfg of the file /cgi-bin/cstecgi.cgi. Executing a manipulation of the argument mode can lead to os command injection. The attack may be launched remotely. The exploit has been...

7.5CVSS6.8AI score0.04736EPSS

Exploits0References6

NVD•added 2026/04/06 7:16 p.m.•2 views

CVE-2026-5678

7.5CVSS0.04736EPSS

Exploits0References5

ATTACKERKB•added 2026/04/06 6:45 p.m.•1 views

CVE-2026-5678

7.5CVSS6.8AI score0.04736EPSS

Exploits0References5Affected Software1

Vulnrichment•added 2026/04/06 6:45 p.m.•1 views

CVE-2026-5678 Totolink A7100RU cstecgi.cgi setScheduleCfg os command injection

7.5CVSS6.8AI score0.04736EPSS

Exploits0References5

Cvelist•added 2026/04/06 6:45 p.m.•16 views

CVE-2026-5678 Totolink A7100RU cstecgi.cgi setScheduleCfg os command injection

7.5CVSS0.04736EPSS

Exploits0References5

CVE•added 2026/04/06 6:45 p.m.•20 views

CVE-2026-5678

CVE-2026-5678 affects Totolink A7100RU (firmware 7.4cu.2313_b20191024). The vulnerability is in the /cgi-bin/cstecgi.cgi function setScheduleCfg, where manipulating the mode argument enables an OS command injection. Exploitation can be performed remotely, and a public exploit is available. Impact...

7.5CVSS6.8AI score0.04736EPSS

Exploits0References5

CNVD•added 2025/10/31 12:0 a.m.•1 views

TOTOLINK A3300R setScheduleCfg function stack buffer overflow vulnerability

TOTOLINK A3300R is a dual-band wireless router manufactured by China's Gion Electronics TOTOLINK, mainly used for home and small network environments. The TOTOLINK A3300R suffers from a stack buffer overflow vulnerability that originates from the parameter recHour of the setScheduleCfg function o...

9CVSS9.1AI score0.00314EPSS

Exploits1References1

RedhatCVE•added 2025/10/28 10:52 a.m.•1 views

CVE-2025-12259

A flaw has been found in TOTOLINK A3300R 17.0.0cu.557B20221024. The affected element is the function setScheduleCfg of the file /cgi-bin/cstecgi.cgi of the component POST Parameter Handler. This manipulation of the argument recHour causes stack-based buffer overflow. It is possible to initiate th...

9CVSS6.9AI score0.00314EPSS

Exploits1References1

NVD•added 2025/10/27 10:15 a.m.•1 views

CVE-2025-12259

9CVSS0.00314EPSS

Exploits1References5

EUVD•added 2025/10/27 10:2 a.m.•2 views

EUVD-2025-36155

9CVSS6.6AI score0.00314EPSS

Exploits1References6

CVE•added 2025/10/27 10:2 a.m.•7 views

CVE-2025-12259

TOTOLINK A3300R (v17.0.0cu.557_B20221024) is affected by a stack-based buffer overflow in the setScheduleCfg function, located in /cgi-bin/cstecgi.cgi (POST Parameter Handler). The vulnerability stems from improper validation of the recHour input, enabling remote exploitation. An exploit has been...

9CVSS8.6AI score0.00314EPSS

Exploits1References5Affected Software1

Positive Technologies•added 2025/10/27 12:0 a.m.•2 views

PT-2025-43920

Name of the Vulnerable Software and Affected Versions TOTOLINK A3300R version 17.0.0cu.557 B20221024 Description A flaw exists in TOTOLINK A3300R. The issue is a stack-based buffer overflow caused by the manipulation of the recHour argument within the setScheduleCfg function located in the...

9CVSS6.6AI score0.00314EPSS

Exploits1References9

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2024-20586

Malicious code in bioql PyPI...

9.8CVSS9.4AI score0.02681EPSS

Exploits1References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by