Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

RedhatCVE
RedhatCVEadded 2026/04/16 7:22 p.m.4 views

CVE-2026-6158

A flaw has been found in Totolink N300RH 6.1c.1353B20190305. Affected is the function setUpgradeUboot of the file upgrade.so. This manipulation of the argument FileName causes os command injection. The attack is possible to be carried out remotely. The exploit has been published and may be used...

7.5CVSS5.5AI score0.01153EPSS
Exploits0References1
NVD
NVDadded 2026/04/13 5:16 a.m.4 views

CVE-2026-6158

A flaw has been found in Totolink N300RH 6.1c.1353B20190305. Affected is the function setUpgradeUboot of the file upgrade.so. This manipulation of the argument FileName causes os command injection. The attack is possible to be carried out remotely. The exploit has been published and may be used...

7.5CVSS0.01153EPSS
Exploits0References5
CVE
CVEadded 2026/04/13 4:0 a.m.4 views

CVE-2026-6158

The CVE-2026-6158 entry concerns Totolink N300RH (firmware 6.1c.1353_B20190305). The vulnerability lies in the upgrade subsystem: the function setUpgradeUboot in upgrade.so accepts a FileName argument and can be manipulated to trigger an OS command injection. This flaw enables remote execution an...

7.5CVSS6.8AI score0.01153EPSS
Exploits0References5
Positive Technologies
Positive Technologiesadded 2026/04/13 12:0 a.m.4 views

PT-2026-32259

A flaw has been found in Totolink N300RH 6.1c.1353 B20190305. Affected is the function setUpgradeUboot of the file upgrade.so. This manipulation of the argument FileName causes os command injection. The attack is possible to be carried out remotely. The exploit has been published and may be used...

7.5CVSS6.8AI score0.01153EPSS
Exploits0References7
CNNVD
CNNVDadded 2026/04/13 12:0 a.m.1 views

TOTOLINK N300RH 操作系统命令注入漏洞

TOTOLINK N300RH is a long-range wireless router produced by TOTOLINK Corporation. The version 6.1c.1353B20190305 of TOTOLINK N300RH contains a vulnerability related to operating system command injection. This vulnerability stems from incorrect handling of parameters in the file upgrade.so, which...

7.5CVSS7.1AI score0.01153EPSS
Exploits0References5
CNVD
CNVDadded 2025/06/27 12:0 a.m.4 views

TOTOLINK CA300-PoE upgrade.so file command injection vulnerability

TOTOLINK CA300-PoE is a wireless access point from China's Gion Electronics TOTOLINK. A command injection vulnerability exists in the TOTOLINK CA300-PoE upgrade.so file, which stems from the parameter FileName of the file upgrade.so failing to correctly filter construct command special characters...

9.8CVSS7.7AI score0.06195EPSS
Exploits1References1
OSV
OSVadded 2025/06/25 6:15 p.m.1 views

CVE-2025-6620

A vulnerability was found in TOTOLINK CA300-PoE 6.2c.884. It has been rated as critical. Affected by this issue is the function setUpgradeUboot of the file upgrade.so. The manipulation of the argument FileName leads to os command injection. The attack may be launched remotely. The exploit has bee...

9.8CVSS5.6AI score
Exploits0References6
Cvelist
Cvelistadded 2025/06/25 5:31 p.m.7 views

CVE-2025-6619 TOTOLINK CA300-PoE upgrade.so setUpgradeFW os command injection

A vulnerability was found in TOTOLINK CA300-PoE 6.2c.884. It has been declared as critical. Affected by this vulnerability is the function setUpgradeFW of the file upgrade.so. The manipulation of the argument FileName leads to os command injection. The attack can be launched remotely. The exploit...

6.5CVSS0.06195EPSS
Exploits1References6
Rows per page
Query Builder