CVE-2025-35451 Pan-Tilt-Zoom cameras hard-coded default passwords with SSH and telnet enabled

PTZOptics and possibly other ValueHD-based pan-tilt-zoom cameras use hard-coded, default administrative credentials. The passwords can readily be cracked. Many cameras have SSH or telnet listening on all interfaces. The passwords cannot be changed by the user, nor can the SSH or telnet service be...

CVE-2024-53945

The KuWFi 4G AC900 LTE router 1.0.13 is vulnerable to command injection on the HTTP API endpoints /goform/formMultiApnSetting and /goform/atCmd. An authenticated attacker can execute arbitrary OS commands with root privileges via shell metacharacters in parameters such as pincode and cmds...

CVE-2024-53945

The CVE-2024-53945 entry concerns the KuWFi 4G AC900 LTE router (version 1.0.13). The vulnerability is a command injection in the HTTP API endpoints /goform/formMultiApnSetting and /goform/atCmd. An authenticated attacker can inject shell metacharacters into parameters such as pincode and cmds to...

TOTOLINK T6 访问控制错误漏洞

TOTOLINK T6 is a wireless dual-band router from China's TOTOLINK Electronics TOTOLINK that supports MQTT protocol and Telnet service. The TOTOLINK T6 suffers from a lack of authentication vulnerability that stems from the setTelnetCfg function of the /cgi-bin/cstecgi.cgi file in the component...

CVE-2023-22922

A buffer overflow vulnerability in the Zyxel NBG-418N v2 firmware versions prior to V1.00AARP.14C0 could allow a remote unauthenticated attacker to cause DoS conditions by sending crafted packets if Telnet is enabled on a vulnerable device...

Tenda RX2 Pro 安全漏洞

Tenda RX2 Pro is a high performance WiFi 6 signal amplifier from Tenda China. A security bypass vulnerability exists in Tenda RX2 Pro version 16.03.30.14, which can be exploited by an attacker to cause telnet access to be enabled...

Multiple vulnerabilities in FXC AE1021 and AE1021PE

Overview AE1021 and AE1021PE are information outlet type wireless LAN routers provided by FXC Inc. They contain multiple vulnerabilities listed below. Weak Authentication CWE-1390 - CVE-2024-47397 OS Command Injection CWE-78 - CVE-2024-53688 Inclusion of Undocumented Features CWE-1242 -...

PT-2024-35979 · Victure · Victure Rx1800 Wifi 6 Router

Name of the Vulnerable Software and Affected Versions: Victure RX1800 WiFi 6 Router version EN V1.0.0 r12 110933 Description: A problem was discovered in Victure RX1800 WiFi 6 Router devices where the TELNET service is enabled by default with admin/admin as default credentials and is exposed over...

D-Link DIR-X4860 安全漏洞

The D-Link DIR-X4860 is a wireless router from China-based AUO D-Link. A security vulnerability exists in the D-Link DIR-X4860 that stems from the use of hard-coded credentials, which allows an attacker to force the telnet service to be enabled and log in using hard-coded credentials...

PT-2024-6865 · D Link · D-Link Covr-X1870 +2

Name of the Vulnerable Software and Affected Versions: D-Link DIR-X4860 A1 version 1.00/1.04 D-Link DIR-X5460A1 affected versions not specified D-Link COVR-X1870 affected versions not specified Description: The issue concerns a hidden functionality in certain D-Link wireless routers where the...

CVE-2024-7464

A vulnerability, which was classified as critical, has been found in TOTOLINK CP900 6.3c.566. This issue affects the function setTelnetCfg of the component Telnet Service. The manipulation of the argument telnetenabled leads to command injection. The attack may be initiated remotely. The exploit...

CVE-2024-7181

A vulnerability classified as critical was found in TOTOLINK A3600R 4.1.2cu.5182B20201102. This vulnerability affects the function setTelnetCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument telnetenabled leads to command injection. The attack can be initiated remotely. The...

TOTOLINK A3100R Command Injection Vulnerability

The TOTOLINK A3100R is a wireless router. The TOTOLINK A3100R suffers from a command injection vulnerability that stems from improper handling of the telnetenabled parameter. An attacker can exploit this vulnerability to obtain sensitive information...

TOTOLINK A3600R 命令注入漏洞

TOTOLINK A3600R is a 6-antenna 1200M wireless router from China's Gion Electronics TOTOLINK. The TOTOLINK A3600R suffers from a command injection vulnerability that originates from improper handling of the telnetenabled parameter in the setTelnetCfg function of the /cgi-bin/cstecgi.cgi file. An...

TOTOLINK A3100R 命令注入漏洞

The TOTOLINK A3100R is a wireless router. The TOTOLINK A3100R suffers from a command injection vulnerability that stems from improper handling of the telnetenabled parameter. An attacker can exploit this vulnerability to obtain sensitive information...

PT-2024-5386 · Totolink · Totolink Cp900L

Name of the Vulnerable Software and Affected Versions: TOTOLINK CP900 version 6.3c.566 Description: A critical issue has been found in the Telnet Service component, specifically affecting the setTelnetCfg function. The manipulation of the telnet enabled argument leads to command injection. This...

D-Link E Series Security Vulnerability

D-Link E Series is a series of wireless routers from China-based AUO D-Link. A security vulnerability exists in D-Link E Series. An attacker exploiting this vulnerability could force the device to enable Telnet service by accessing a specific URL and logging in using the obtained administrator...

CVE-2024-31805

TOTOLINK EX200 V4.0.3c.7646B20201211 allows attackers to start the Telnet service without authorization via the telnetenabled parameter in the setTelnetCfg function...

PT-2024-2867 · Totolink · Totolink Ex200

Name of the Vulnerable Software and Affected Versions: TOTOLINK EX200 version 4.0.3c.7646 B20201211 Description: The issue is related to a flaw in the authorization procedure of the setTelnetCfg function in the TOTOLINK EX200 router's firmware. This flaw allows a remote attacker to start the Teln...

TOTOLINK EX1800T Command Execution Vulnerability (CNVD-2024-13795)

The TOTOLINK EX1800T is a Wi-Fi range extender from China's Gion Electronics TOTOLINK. The TOTOLINK EX1800T suffers from a command execution vulnerability that stems from the telnetenabled parameter of the setTelnetCfg interface failing to correctly filter constructed command special characters,...