13 matches found
CVE-2026-9385
Totolink A8000RU Web Management (cgi-bin/cstecgi.cgi: setTracerouteCfg) is vulnerable to os command injection due to argument manipulation. Affects version 7.1cu.643_b20200521; vulnerability is remotely exploitable and exploit publicly disclosed. Public details indicate high impact on confidentia...
CVE-2026-1150
A security flaw has been discovered in Totolink LR350 9.3.5u.6369B20220309. Impacted is the function setTracerouteCfg of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. The manipulation of the argument command results in command injection. The attack can be launched remotely...
PT-2026-3433
Name of the Vulnerable Software and Affected Versions Totolink LR350 version 9.3.5u.6369 B20220309 Description A security flaw exists in Totolink LR350. The issue is due to command injection within the setTracerouteCfg function of the /cgi-bin/cstecgi.cgi file, specifically in the POST Request...
CVE-2024-8077
This CVE-2024-8077 affects TOTOLINK AC1200 T8, specifically version 4.1.5cu.862_B20230228. The vulnerability is in the setTracerouteCfg function and allows OS command injection, with remote exploitation as implied by the sources. Reports consistently describe a critical impact under this function...
VulnCheck KEV: CVE-2023-52028
TOTOlink A3700R v9.1.2u.5822B20200513 was discovered to contain a remote command execution RCE vulnerability via the setTracerouteCfg function...
CVE-2024-1000
A vulnerability was found in Totolink N200RE 9.3.5u.6139B20201216. It has been rated as critical. This issue affects the function setTracerouteCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument command leads to stack-based buffer overflow. The attack may be initiated remotely...
TOTOLINK X5000R 命令注入漏洞
The TOTOLINK X5000R is a router from China's Gion Electronics TOTOLINK. A security vulnerability exists in TOTOLINK X5000R version B20210419, which stems from a remote code execution RCE vulnerability in the setTracerouteCfg interface...
PT-2023-6552 · Totolink · Totolink X5000R
Name of the Vulnerable Software and Affected Versions: TOTOLINK X5000R versions V9.1.0u.6118 B20201102 through V9.1.0u.6369 B20230113 Description: The issue concerns a command insertion vulnerability in the setting/setTracerouteCfg component of the TOTOLINK X5000R router's firmware. This...
TOTOLINK LR350 缓冲区错误漏洞
TOTOLINK LR350 is a 4G LTE router from China's TOTOLINK , which supports converting 4G signals to wired signals for home and office scenarios. A buffer overflow vulnerability exists in the TOTOLINK LR350. The vulnerability originates from a buffer overflow after authentication via the command...
CVE-2022-41523
TOTOLINK NR1800X V9.1.0u.6279B20210910 was discovered to contain an authenticated stack overflow via the command parameter in the setTracerouteCfg function...
TOTOLINK A7000R 操作系统命令注入漏洞
The TOTOLINK A7000R is a wireless router from China's Gion Electronics TOTOLINK. An operating system command injection vulnerability exists in TOTOLINK A7000R version V9.1.0u.6115B20201022, which stems from a command injection issue with the addEffect parameter in the setting/setTracerouteCfg...
PT-2022-23409 · Totolink · Totolink N350Rt
Name of the Vulnerable Software and Affected Versions: TOTOLINK N350RT version 9.3.5u.6139 B20201216 Description: A command injection issue was discovered via the command parameter in the setTracerouteCfg function. This allows for potential exploitation. Recommendations: For TOTOLINK N350RT versi...
TOTOLINK N350RT 缓冲区错误漏洞
The TOTOLINK N350RT is a small home router from China's Gion Electronics TOTOLINK. A security vulnerability exists in the TOTOLINK N350RT version V9.3.5u.6139B20201216, which stems from a command parameter stack overflow issue in the setTracerouteCfg method...