43 matches found
PT-2025-3384 · Totolink · Totolink X5000R
Name of the Vulnerable Software and Affected Versions: TOTOLINK X5000R version V9.1.0cu.2350 B20230313 Description: The issue is related to the setVpnAccountCfg function, specifically the /web/cgi-bin/cstecgi.cgi endpoint, where the desc parameter is not properly sanitized, allowing an attacker t...
PT-2025-3382 · Totolink · Totolink X5000R
Name of the Vulnerable Software and Affected Versions: TOTOLINK X5000R version V9.1.0cu.2350 B20230313 Description: The issue is related to the setVpnAccountCfg function, specifically the /web/cgi-bin/cstecgi.cgi endpoint, where the user parameter is not properly sanitized, allowing for OS comman...
PT-2025-1232 · Totolink · Totolink X5000R
Name of the Vulnerable Software and Affected Versions: TOTOLINK X5000R version 9.1.0cu.2350 B20230313 Description: The issue is related to an OS command injection vulnerability. This vulnerability can be exploited via the limit parameter in the setVpnAccountCfg function. The vulnerability allows ...