Lucene search
K

63 matches found

euvd
euvd
added 2025/10/03 8:7 p.m.3 views

EUVD-2022-32938

Malicious code in bioql PyPI...

9.8CVSS9.2AI score0.01409EPSS
Exploits0References1
euvd
euvd
added 2025/10/03 8:7 p.m.3 views

EUVD-2022-32936

Malicious code in bioql PyPI...

9.8CVSS9.2AI score0.02551EPSS
Exploits1References2
bdu_fstec
bdu_fstec
added 2025/05/29 12:0 a.m.6 views

The vulnerability of the setUpgradeUboot() function in TOTOLINK CP900 router microprogramming software allows a intruder to execute arbitrary commands.

The vulnerability of the setUpgradeUboot function in TOTOLINK CP900 router microprogramming software is related to the lack of measures to sanitize input data during the processing of the FileName parameter. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands by...

6.5CVSS6AI score0.00884EPSS
Exploits1References2Affected Software1
bdu_fstec
bdu_fstec
added 2025/05/29 12:0 a.m.5 views

The vulnerability of the setApRebootScheCfg() function in TOTOLINK CP900 router microprogramming software allows a intruder to execute arbitrary commands.

The vulnerability of the setApRebootScheCfg function in TOTOLINK CP900 router microprogramming software is related to the lack of measures to clean input data during the processing of the hour and minute parameters. Exploiting this vulnerability allows a remote attacker to execute arbitrary...

6.5CVSS6AI score0.00884EPSS
Exploits1References2Affected Software1
redhatcve
redhatcve
added 2025/05/23 10:21 a.m.4 views

CVE-2024-7464

A vulnerability, which was classified as critical, has been found in TOTOLINK CP900 6.3c.566. This issue affects the function setTelnetCfg of the component Telnet Service. The manipulation of the argument telnetenabled leads to command injection. The attack may be initiated remotely. The exploit...

9.8CVSS7.6AI score0.19907EPSS
Exploits1References1
redhatcve
redhatcve
added 2025/05/22 10:41 p.m.7 views

CVE-2022-28493

A vulnerability in TOTOLINK CP900 V6.3c.566 allows attackers to start the Telnet service,...

9.8CVSS6.8AI score0.00671EPSS
Exploits0References1
redhatcve
redhatcve
added 2025/05/22 10:41 p.m.9 views

CVE-2022-28496

TOTOLink outdoor CPE CP900 V6.3c.566B20171026 discovered to contain a command injection vulnerability in the setPasswordCfg function via the adminuser and adminpassparameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request...

9.8CVSS8.6AI score0.01409EPSS
Exploits0References1
cnvd
cnvd
added 2025/05/14 12:0 a.m.9 views

TOTOLINK CP900 setUpgradeUboot Function Command Injection Vulnerability

The TOTOLINK CP900 is a wireless router from China's Gion Electronics TOTOLINK. The TOTOLINK CP900 suffers from a command injection vulnerability that stems from the setUpgradeUboot function failing to properly filter constructor command special characters, commands, etc. No detailed vulnerabilit...

6.3CVSS7.5AI score0.00884EPSS
Exploits1References1
redhatcve
redhatcve
added 2025/05/03 1:26 a.m.15 views

CVE-2025-44854

TOTOLINK CP900 V6.3c.1144B20190715 was found to contain a command injection vulnerability in the setUpgradeUboot function via the FileName parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request...

6.3CVSS8.5AI score0.00884EPSS
Exploits1References1
redhatcve
redhatcve
added 2025/05/03 1:24 a.m.22 views

CVE-2025-44838

TOTOLINK CPE CP900 V6.3c.1144B20190715 was discovered to contain a command injection vulnerability in the setUploadUserData function via the FileName parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request...

6.3CVSS8.8AI score0.00884EPSS
Exploits1References1
nvd
nvd
added 2025/05/01 3:16 p.m.14 views

CVE-2025-44838

TOTOLINK CPE CP900 V6.3c.1144B20190715 was discovered to contain a command injection vulnerability in the setUploadUserData function via the FileName parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request...

6.3CVSS0.00884EPSS
Exploits1References1
nvd
nvd
added 2025/05/01 3:16 p.m.13 views

CVE-2025-44837

TOTOLINK CPE CP900 V6.3c.1144B20190715 was discovered to contain a command injection vulnerability in the CloudSrvUserdataVersionCheck function via the url or magicid parameters. This vulnerability allows attackers to execute arbitrary commands via a crafted request...

6.3CVSS0.00884EPSS
Exploits1References1
nvd
nvd
added 2025/05/01 2:15 p.m.15 views

CVE-2025-44854

TOTOLINK CP900 V6.3c.1144B20190715 was found to contain a command injection vulnerability in the setUpgradeUboot function via the FileName parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request...

6.3CVSS0.00884EPSS
Exploits1References1
osv
osv
added 2025/05/01 2:15 p.m.5 views

CVE-2025-44854

TOTOLINK CP900 V6.3c.1144B20190715 was found to contain a command injection vulnerability in the setUpgradeUboot function via the FileName parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request...

6.3CVSS6.1AI score
Exploits0References1
cve
cve
added 2025/05/01 12:0 a.m.65 views

CVE-2025-44854

CVE-2025-44854 affects TOTOLINK CP900 (V6.3c.1144_B20190715). The vulnerability exists in the setUpgradeUboot function via the FileName parameter, enabling command injection and potential arbitrary command execution. Multiple connected sources corroborate the issue and link it to a vulnerable CP9...

6.3CVSS6.9AI score0.00884EPSS
Exploits1References1Affected Software1
cvelist
cvelist
added 2025/05/01 12:0 a.m.11 views

CVE-2025-44838

TOTOLINK CPE CP900 V6.3c.1144B20190715 was discovered to contain a command injection vulnerability in the setUploadUserData function via the FileName parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request...

0.00884EPSS
Exploits1References1
vulnrichment
vulnrichment
added 2025/05/01 12:0 a.m.8 views

CVE-2025-44854

TOTOLINK CP900 V6.3c.1144B20190715 was found to contain a command injection vulnerability in the setUpgradeUboot function via the FileName parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request...

8.4AI score0.00884EPSS
Exploits1References1
cve
cve
added 2025/05/01 12:0 a.m.57 views

CVE-2025-44836

CVE-2025-44836 concerns TOTOLINK CPE CP900 (version 6.3c.1144_B20190715). Multiple sources confirm a command injection vulnerability in the setApRebootScheCfg function, exploitable via the hour or minute parameters. The underlying issue is inadequate filtering of constructed command characters, e...

6.3CVSS8.3AI score0.00884EPSS
Exploits1References1Affected Software1
cvelist
cvelist
added 2025/05/01 12:0 a.m.13 views

CVE-2025-44854

TOTOLINK CP900 V6.3c.1144B20190715 was found to contain a command injection vulnerability in the setUpgradeUboot function via the FileName parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request...

0.00884EPSS
Exploits1References1
cnnvd
cnnvd
added 2025/05/01 12:0 a.m.5 views

TOTOLINK CP900 安全漏洞

The TOTOLINK CP900 is a wireless router from China's Gion Electronics TOTOLINK. The TOTOLINK CP900 suffers from a command injection vulnerability that stems from the setUpgradeUboot function failing to properly filter constructor command special characters, commands, etc. No detailed vulnerabilit...

6.3CVSS7.5AI score0.00884EPSS
Exploits1References1
Rows per page
Query Builder