482 matches found
CVE-2022-37799
Tenda AC1206 V15.03.06.23 was discovered to contain a stack overflow via the time parameter at the function setSmartPowerManagement...
CVE-2022-37799
Tenda AC1206 V15.03.06.23 was discovered to contain a stack overflow via the time parameter at the function setSmartPowerManagement...
CVE-2022-37799
Tenda AC1206 V15.03.06.23 was discovered to contain a stack overflow via the time parameter at the function setSmartPowerManagement...
CVE-2022-37804
Tenda AC1206 V15.03.06.23 was discovered to contain a stack overflow via the time parameter in the function saveParentControlInfo...
CVE-2022-37804
Tenda AC1206 V15.03.06.23 was discovered to contain a stack overflow via the time parameter in the function saveParentControlInfo...
CVE-2022-37082
TOTOLINK A7000R V9.1.0u.6115B20201022 was discovered to contain a command injection vulnerability via the hosttime parameter at the function NTPSyncWithHost...
CVE-2022-37082
TOTOLINK A7000R V9.1.0u.6115B20201022 was discovered to contain a command injection vulnerability via the hosttime parameter at the function NTPSyncWithHost...
Stack overflow
Tenda AC1206 V15.03.06.23 was discovered to contain a stack overflow via the time parameter at the function setSmartPowerManagement...
Stack overflow
Tenda AC1206 V15.03.06.23 was discovered to contain a stack overflow via the time parameter in the function saveParentControlInfo...
CVE-2022-36479
TOTOLINK N350RT V9.3.5u.6139B20201216 was discovered to contain a command injection vulnerability via the hosttime parameter in the function NTPSyncWithHost...
CVE-2022-37804
Tenda AC1206 V15.03.06.23 was discovered to contain a stack overflow via the time parameter in the function saveParentControlInfo...
CVE-2022-37804
CVE-2022-37804 affects Tenda AC1206 (v15.03.06.23). A stack overflow is triggered by the time parameter in the function saveParentControlInfo() , which in some sources is described as causing potential remote code execution. Multiple sources (NVD entry and CNVD/CNNVD-style reports) corroborate th...
CVE-2022-37799
Tenda AC1206 V15.03.06.23 was discovered to contain a stack overflow via the time parameter at the function setSmartPowerManagement...
CVE-2022-37799
CVE-2022-37799 affects the Tenda AC1206 router (version v15.03.06.23). Multiple sources describe a stack/buffer overflow triggered by the time parameter in the setSmartPowerManagement() function. The vulnerability’s CVSSv3.1 vector indicates a critical impact (C:H, I:H, A:H) with network access, ...
TOTOLINK A3700R 操作系统命令注入漏洞
The TOTOLINK A3700R is a wireless router from China's Gion Electronics TOTOLINK. An operating system command injection vulnerability exists in the TOTOLINK A3700R version V9.1.2u.6134B20201202, which stems from a command injection issue in the hosttime parameter of the NTPSyncWithHost method...
PT-2022-23797 · Totolink · Totolink A7000R
Name of the Vulnerable Software and Affected Versions: TOTOLINK A7000R version 9.1.0u.6115 B20201022 Description: A command injection issue was found via the host time parameter at the NTPSyncWithHost function, allowing for potential exploitation. Recommendations: For TOTOLINK A7000R version...
PT-2022-23401 · Totolink · Totolink N350Rt
Name of the Vulnerable Software and Affected Versions: TOTOLINK N350RT version 9.3.5u.6139 B20201216 Description: A command injection issue was found via the host time parameter in the NTPSyncWithHost function. This allows for potential exploitation. Recommendations: For TOTOLINK N350RT version...
PT-2022-23382 · Totolink · Totolink A3700R
Name of the Vulnerable Software and Affected Versions: TOTOLINK A3700R version 9.1.2u.6134 B20201202 Description: A command injection issue was found via the host time parameter in the NTPSyncWithHost function. This allows for potential exploitation. Recommendations: For TOTOLINK A3700R version...
PYSEC-2022-43182
The time and filter parameters in Fava prior to v1.22 are vulnerable to reflected XSS due to the lack of escaping of error messages which contained the parameters in verbatim...
DEBIAN-CVE-2022-2514
The time and filter parameters in Fava prior to v1.22 are vulnerable to reflected XSS due to the lack of escaping of error messages which contained the parameters in verbatim...