Lucene search
K

184 matches found

CNVD
CNVD
added 2025/05/14 12:0 a.m.2 views

TOTOLINK A720R Improper Authentication Vulnerability

TOTOLINK A720R is a wireless router from China's Gion Electronics TOTOLINK. The TOTOLINK A720R suffers from an improper authentication vulnerability that stems from improper handling of the parameter topicurl in the file /cgi-bin/cstecgi.cgi, no details of the vulnerability are provided at this...

6.9CVSS5.3AI score0.0096EPSS
Exploits1References1
BDU FSTEC
BDU FSTEC
added 2025/05/12 12:0 a.m.6 views

The vulnerability of the cstecgi.cgi (/cgi-bin/cstecgi.cgi) script in the TOTOLINK A720R router’s microprogramming software allows a hacker to escalate their privileges.

The vulnerability of the cstecgi.cgi /cgi-bin/cstecgi.cgi script in the TOTOLINK A720R router software is related to errors in access control when processing the topicurl parameter. Exploiting this vulnerability allows a remote attacker to increase their privileges by sending specially crafted PO...

6.5CVSS6.6AI score0.00489EPSS
Exploits1References4Affected Software1
RedhatCVE
RedhatCVE
added 2025/05/07 8:31 a.m.15 views

CVE-2025-4271

A vulnerability was found in TOTOLINK A720R 4.1.5cu.374. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument topicurl with the input showSyslog leads to information disclosure. The attac...

6.9CVSS5.1AI score0.00548EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/07 8:31 a.m.20 views

CVE-2025-4270

A vulnerability was found in TOTOLINK A720R 4.1.5cu.374. It has been classified as problematic. Affected is an unknown function of the file /cgi-bin/cstecgi.cgi of the component Config Handler. The manipulation of the argument topicurl with the input getInitCfg/getSysStatusCfg leads to informatio...

7.5CVSS7.4AI score0.10269EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/07 7:8 a.m.19 views

CVE-2025-4269

A vulnerability was found in TOTOLINK A720R 4.1.5cu.374 and classified as critical. This issue affects some unknown processing of the file /cgi-bin/cstecgi.cgi of the component Log Handler. The manipulation of the argument topicurl with the input clearDiagnosisLog/clearSyslog/clearTracerouteLog...

6.9CVSS5.3AI score0.00489EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/07 7:8 a.m.12 views

CVE-2025-4268

A vulnerability has been found in TOTOLINK A720R 4.1.5cu.374 and classified as critical. This vulnerability affects unknown code of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument topicurl with the input RebootSystem leads to missing authentication. The attack can be initiated...

6.9CVSS5.4AI score0.0096EPSS
Exploits1References1
NVD
NVD
added 2025/05/05 8:15 a.m.30 views

CVE-2025-4271

A vulnerability was found in TOTOLINK A720R 4.1.5cu.374. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument topicurl with the input showSyslog leads to information disclosure. The attac...

6.9CVSS0.00548EPSS
Exploits1References5
OSV
OSV
added 2025/05/05 8:15 a.m.4 views

CVE-2025-4271

A vulnerability was found in TOTOLINK A720R 4.1.5cu.374. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument topicurl with the input showSyslog leads to information disclosure. The attac...

6.9CVSS4.9AI score0.00548EPSS
Exploits1References5
NVD
NVD
added 2025/05/05 8:15 a.m.40 views

CVE-2025-4270

A vulnerability was found in TOTOLINK A720R 4.1.5cu.374. It has been classified as problematic. Affected is an unknown function of the file /cgi-bin/cstecgi.cgi of the component Config Handler. The manipulation of the argument topicurl with the input getInitCfg/getSysStatusCfg leads to informatio...

7.5CVSS0.10269EPSS
Exploits1References6
OSV
OSV
added 2025/05/05 8:15 a.m.9 views

CVE-2025-4270

A vulnerability was found in TOTOLINK A720R 4.1.5cu.374. It has been classified as problematic. Affected is an unknown function of the file /cgi-bin/cstecgi.cgi of the component Config Handler. The manipulation of the argument topicurl with the input getInitCfg/getSysStatusCfg leads to informatio...

7.5CVSS4.8AI score0.10269EPSS
Exploits1References6
Cvelist
Cvelist
added 2025/05/05 8:0 a.m.37 views

CVE-2025-4271 TOTOLINK A720R cstecgi.cgi information disclosure

A vulnerability was found in TOTOLINK A720R 4.1.5cu.374. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument topicurl with the input showSyslog leads to information disclosure. The attac...

6.9CVSS0.00548EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2025/05/05 8:0 a.m.8 views

CVE-2025-4271 TOTOLINK A720R cstecgi.cgi information disclosure

A vulnerability was found in TOTOLINK A720R 4.1.5cu.374. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument topicurl with the input showSyslog leads to information disclosure. The attac...

6.9CVSS5.2AI score0.00548EPSS
Exploits1References5
CVE
CVE
added 2025/05/05 8:0 a.m.66 views

CVE-2025-4271

TOTOLINK A720R (firmware 4.1.5cu.374) is affected by CVE-2025-4271 due to improper handling of the topicurl parameter in /cgi-bin/cstecgi.cgi. Manipulating topicurl with showSyslog triggers information disclosure over a remote attack. Multiple sources confirm the vulnerability and public exploits...

6.9CVSS6.8AI score0.00548EPSS
Exploits1References5Affected Software1
Cvelist
Cvelist
added 2025/05/05 7:31 a.m.37 views

CVE-2025-4270 TOTOLINK A720R Config cstecgi.cgi information disclosure

A vulnerability was found in TOTOLINK A720R 4.1.5cu.374. It has been classified as problematic. Affected is an unknown function of the file /cgi-bin/cstecgi.cgi of the component Config Handler. The manipulation of the argument topicurl with the input getInitCfg/getSysStatusCfg leads to informatio...

6.9CVSS0.10269EPSS
Exploits1References6
Vulnrichment
Vulnrichment
added 2025/05/05 7:31 a.m.15 views

CVE-2025-4270 TOTOLINK A720R Config cstecgi.cgi information disclosure

A vulnerability was found in TOTOLINK A720R 4.1.5cu.374. It has been classified as problematic. Affected is an unknown function of the file /cgi-bin/cstecgi.cgi of the component Config Handler. The manipulation of the argument topicurl with the input getInitCfg/getSysStatusCfg leads to informatio...

6.9CVSS6.5AI score0.10269EPSS
Exploits1References6
CVE
CVE
added 2025/05/05 7:31 a.m.85 views

CVE-2025-4270

The CVE-2025-4270 entry concerns TOTOLINK A720R (firmware 4.1.5cu.374) in the Config Handler’s /cgi-bin/cstecgi.cgi. Affects an unknown function where manipulating the topicurl parameter with inputs such as getInitCfg or getSysStatusCfg leads to information disclosure. The vulnerability can be ex...

7.5CVSS6.6AI score0.10269EPSS
In wildExploits1References6Affected Software1
OSV
OSV
added 2025/05/05 7:15 a.m.5 views

CVE-2025-4269

A vulnerability was found in TOTOLINK A720R 4.1.5cu.374 and classified as critical. This issue affects some unknown processing of the file /cgi-bin/cstecgi.cgi of the component Log Handler. The manipulation of the argument topicurl with the input clearDiagnosisLog/clearSyslog/clearTracerouteLog...

5.3CVSS5.5AI score0.00489EPSS
Exploits1References6
NVD
NVD
added 2025/05/05 7:15 a.m.31 views

CVE-2025-4269

A vulnerability was found in TOTOLINK A720R 4.1.5cu.374 and classified as critical. This issue affects some unknown processing of the file /cgi-bin/cstecgi.cgi of the component Log Handler. The manipulation of the argument topicurl with the input clearDiagnosisLog/clearSyslog/clearTracerouteLog...

6.9CVSS0.00489EPSS
Exploits1References6
OSV
OSV
added 2025/05/05 7:15 a.m.6 views

CVE-2025-4268

A vulnerability has been found in TOTOLINK A720R 4.1.5cu.374 and classified as critical. This vulnerability affects unknown code of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument topicurl with the input RebootSystem leads to missing authentication. The attack can be initiated...

6.9CVSS5.6AI score0.0096EPSS
Exploits1References5
NVD
NVD
added 2025/05/05 7:15 a.m.15 views

CVE-2025-4268

A vulnerability has been found in TOTOLINK A720R 4.1.5cu.374 and classified as critical. This vulnerability affects unknown code of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument topicurl with the input RebootSystem leads to missing authentication. The attack can be initiated...

6.9CVSS0.0096EPSS
Exploits1References5
Rows per page
Query Builder