CVE-2024-7462 TOTOLINK N350RT cstecgi.cgi setWizardCfg buffer overflow

A vulnerability classified as critical has been found in TOTOLINK N350RT 9.3.5u.6139B20201216. This affects the function setWizardCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument ssid leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has...

TOTOLINK N350RT 安全漏洞

The TOTOLINK N350RT is a small home router from China's Gion Electronics TOTOLINK. The TOTOLINK N350RT suffers from a buffer overflow vulnerability that originates in the setWizardCfg function of the file /cgi-bin/cstecgi.cgi, where manipulation of the parameter ssid can result in a buffer...

CVE-2024-7213

A vulnerability, which was classified as critical, was found in TOTOLINK A7000R 9.1.0u.6268B20220504. Affected is the function setWizardCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument ssid leads to buffer overflow. It is possible to launch the attack remotely. The exploit h...

TOTOLINK A7000R 安全漏洞

TOTOLINK A7000R is a wireless router from China's Gion Electronics TOTOLINK. A buffer overflow vulnerability exists in TOTOLINK A7000R version 9.1.0u.6268B20220504, which originates from the ssid parameter in the setWizardCfg function of the /cgi-bin/cstecgi.cgi page that fails to correctly...

CVE-2024-37637

TOTOLINK A3700R V9.1.2u.616520211012 was discovered to contain a stack overflow via ssid5g in the function setWizardCfg...

TOTOLINK A3700R 安全漏洞

The TOTOLINK A3700R is a wireless router from China's Gion Electronics TOTOLINK. The TOTOLINK A3700R suffers from a buffer overflow vulnerability that originates from the failure of ssid5g to properly validate the length and size of the input data in the function setWizardCfg, which can be...

PT-2024-27690 · Totolink · Totolink A3700R

Name of the Vulnerable Software and Affected Versions: TOTOLINK A3700R version 9.1.2u.6165 20211012 Description: A stack overflow issue was discovered in the setWizardCfg function via ssid5g. Recommendations: For TOTOLINK A3700R version 9.1.2u.6165 20211012, as a temporary workaround, consider...

CVE-2024-37637

TOTOLINK A3700R V9.1.2u.616520211012 was discovered to contain a stack overflow via ssid5g in the function setWizardCfg...

CVE-2024-37637

TOTOLINK A3700R V9.1.2u.616520211012 was discovered to contain a stack overflow via ssid5g in the function setWizardCfg...

The vulnerability of the setWizardCfg function in the /cgi-bin/cstecgi.cgi file of the shttpd component of the TOTOLINK X6000R AX3000 router’s microprogramming system allows a hacker to execute arbitrary commands.

The vulnerability of the setWizardCfg function in the /cgi-bin/cstecgi.cgi file of the shttpd component of the TOTOLINK X6000R AX3000 router software lies in the lack of measures to sanitize input data. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...

CVE-2024-1781

A vulnerability was found in Totolink X6000R AX3000 9.4.0cu.85220230719. It has been rated as critical. This issue affects the function setWizardCfg of the file /cgi-bin/cstecgi.cgi of the component shttpd. The manipulation leads to command injection. The exploit has been disclosed to the public...

Command injection

A vulnerability was found in Totolink X6000R AX3000 9.4.0cu.85220230719. It has been rated as critical. This issue affects the function setWizardCfg of the file /cgi-bin/cstecgi.cgi of the component shttpd. The manipulation leads to command injection. The exploit has been disclosed to the public...

PT-2024-1833

Name of the Vulnerable Software and Affected Versions Totolink X6000R AX3000 versions 9.4.0cu.852 20230719 Description A critical issue exists in the setWizardCfg function of the shttpd component, located in the /cgi-bin/cstecgi.cgi file. This is due to a lack of input validation, which allows fo...

CVE-2023-6612 Totolink X5000R cstecgi.cgi setWizardCfg os command injection

A vulnerability was found in Totolink X5000R 9.1.0cu.2300B20230112. It has been rated as critical. This issue affects the function...

TOTOLINK X5000R Operating System Command Injection Vulnerability

The TOTOLINK X5000R is a router from China's Gion Electronics TOTOLINK. An operating system command injection vulnerability exists in TOTOLINK X5000R version 9.1.0cu.2300B20230112, which stems from an operating system command injection vulnerability in component fg/setWizardCfg...