Lucene search
K

13 matches found

CVE
CVE
added 2026/05/24 1:45 p.m.23 views

CVE-2026-9385

Totolink A8000RU Web Management (cgi-bin/cstecgi.cgi: setTracerouteCfg) is vulnerable to os command injection due to argument manipulation. Affects version 7.1cu.643_b20200521; vulnerability is remotely exploitable and exploit publicly disclosed. Public details indicate high impact on confidentia...

10CVSS7AI score0.01732EPSS
Exploits0References5
OSV
OSV
added 2026/01/19 11:15 a.m.5 views

CVE-2026-1150

A security flaw has been discovered in Totolink LR350 9.3.5u.6369B20220309. Impacted is the function setTracerouteCfg of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. The manipulation of the argument command results in command injection. The attack can be launched remotely...

8.8CVSS5.7AI score0.0235EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2025/01/10 12:0 a.m.6 views

PT-2026-3433

Name of the Vulnerable Software and Affected Versions Totolink LR350 version 9.3.5u.6369 B20220309 Description A security flaw exists in Totolink LR350. The issue is due to command injection within the setTracerouteCfg function of the /cgi-bin/cstecgi.cgi file, specifically in the POST Request...

8.8CVSS6.8AI score0.0235EPSS
Exploits1References11
CVE
CVE
added 2024/08/22 8:0 p.m.56 views

CVE-2024-8077

This CVE-2024-8077 affects TOTOLINK AC1200 T8, specifically version 4.1.5cu.862_B20230228. The vulnerability is in the setTracerouteCfg function and allows OS command injection, with remote exploitation as implied by the sources. Reports consistently describe a critical impact under this function...

9.8CVSS6.8AI score0.02949EPSS
Exploits1References4Affected Software1
VulnCheck KEV
VulnCheck KEV
added 2024/08/07 12:0 a.m.4 views

VulnCheck KEV: CVE-2023-52028

TOTOlink A3700R v9.1.2u.5822B20200513 was discovered to contain a remote command execution RCE vulnerability via the setTracerouteCfg function...

9.8CVSS6AI score0.01668EPSS
Exploits1References1
OSV
OSV
added 2024/01/29 2:15 p.m.4 views

CVE-2024-1000

A vulnerability was found in Totolink N200RE 9.3.5u.6139B20201216. It has been rated as critical. This issue affects the function setTracerouteCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument command leads to stack-based buffer overflow. The attack may be initiated remotely...

8.8CVSS6.2AI score
Exploits0References3
CNNVD
CNNVD
added 2023/08/21 12:0 a.m.4 views

TOTOLINK X5000R 命令注入漏洞

The TOTOLINK X5000R is a router from China's Gion Electronics TOTOLINK. A security vulnerability exists in TOTOLINK X5000R version B20210419, which stems from a remote code execution RCE vulnerability in the setTracerouteCfg interface...

9.8CVSS9.2AI score0.01391EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2023/05/05 12:0 a.m.4 views

PT-2023-6552 · Totolink · Totolink X5000R

Name of the Vulnerable Software and Affected Versions: TOTOLINK X5000R versions V9.1.0u.6118 B20201102 through V9.1.0u.6369 B20230113 Description: The issue concerns a command insertion vulnerability in the setting/setTracerouteCfg component of the TOTOLINK X5000R router's firmware. This...

10CVSS9.7AI score0.25889EPSS
Exploits4References8
CNNVD
CNNVD
added 2022/11/23 12:0 a.m.6 views

TOTOLINK LR350 缓冲区错误漏洞

TOTOLINK LR350 is a 4G LTE router from China's TOTOLINK , which supports converting 4G signals to wired signals for home and office scenarios. A buffer overflow vulnerability exists in the TOTOLINK LR350. The vulnerability originates from a buffer overflow after authentication via the command...

8.8CVSS8.6AI score0.02334EPSS
Exploits1References2
OSV
OSV
added 2022/10/06 7:15 p.m.5 views

CVE-2022-41523

TOTOLINK NR1800X V9.1.0u.6279B20210910 was discovered to contain an authenticated stack overflow via the command parameter in the setTracerouteCfg function...

8.8CVSS5.8AI score0.00865EPSS
Exploits1References1
CNNVD
CNNVD
added 2022/08/25 12:0 a.m.4 views

TOTOLINK A7000R 操作系统命令注入漏洞

The TOTOLINK A7000R is a wireless router from China's Gion Electronics TOTOLINK. An operating system command injection vulnerability exists in TOTOLINK A7000R version V9.1.0u.6115B20201022, which stems from a command injection issue with the addEffect parameter in the setting/setTracerouteCfg...

7.8CVSS5.7AI score0.01086EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2022/08/25 12:0 a.m.5 views

PT-2022-23409 · Totolink · Totolink N350Rt

Name of the Vulnerable Software and Affected Versions: TOTOLINK N350RT version 9.3.5u.6139 B20201216 Description: A command injection issue was discovered via the command parameter in the setTracerouteCfg function. This allows for potential exploitation. Recommendations: For TOTOLINK N350RT versi...

7.8CVSS7.8AI score0.01099EPSS
Exploits1References3
CNNVD
CNNVD
added 2022/08/25 12:0 a.m.5 views

TOTOLINK N350RT 缓冲区错误漏洞

The TOTOLINK N350RT is a small home router from China's Gion Electronics TOTOLINK. A security vulnerability exists in the TOTOLINK N350RT version V9.3.5u.6139B20201216, which stems from a command parameter stack overflow issue in the setTracerouteCfg method...

7.8CVSS5.6AI score0.00331EPSS
Exploits1References2
Rows per page
Query Builder