Lucene search
K

7 matches found

Positive Technologies
Positive Technologies
added 2024/07/23 12:0 a.m.4 views

PT-2024-5478 · Totolink · Totolink N350Rt

Name of the Vulnerable Software and Affected Versions: TOTOLINK N350RT version 9.3.5u.6139 B20201216 Description: A critical issue affects the setParentalRules function of the /cgi-bin/cstecgi.cgi file, causing a buffer overflow when the week, sTime, and eTime parameters are manipulated. This can...

9CVSS9AI score0.0124EPSS
Exploits1References8
Positive Technologies
Positive Technologies
added 2024/01/29 12:0 a.m.4 views

PT-2024-1319 · Totolink · Totolink N200Re

Name of the Vulnerable Software and Affected Versions: Totolink N200RE versions 9.3.5u.6139 B20201216 Description: The issue is related to a buffer overflow in the loginAuth function of the cstecgi.cgi script in the Totolink N200RE router's firmware. This can be exploited by a remote attacker to...

9CVSS7.3AI score0.01276EPSS
Exploits1References8
Positive Technologies
Positive Technologies
added 2024/01/07 12:0 a.m.4 views

PT-2024-1072 · Totolink · Totolink N200Re

Name of the Vulnerable Software and Affected Versions: Totolink N200RE version 9.3.5u.6139 B20201216 Description: A critical issue affects the setTracerouteCfg function of the /cgi-bin/cstecgi.cgi file, allowing remote attackers to exploit the vulnerability. The manipulation of the command argume...

10CVSS7.8AI score0.03834EPSS
Exploits1References8
OSV
OSV
added 2022/08/25 2:15 p.m.3 views

CVE-2022-36482

TOTOLINK N350RT V9.3.5u.6139B20201216 was discovered to contain a command injection vulnerability via the lang parameter in the function setLanguageCfg...

7.8CVSS5.8AI score
Exploits0References1
Positive Technologies
Positive Technologies
added 2022/08/25 12:0 a.m.5 views

PT-2022-23403 · Totolink · Totolink N350Rt

Name of the Vulnerable Software and Affected Versions: TOTOLINK N350RT version 9.3.5u.6139 B20201216 Description: A command injection issue was found via the ip parameter in the setDiagnosisCfg function, allowing potential exploitation. Recommendations: For TOTOLINK N350RT version 9.3.5u.6139...

7.8CVSS7.7AI score0.01308EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2022/08/25 12:0 a.m.6 views

PT-2022-23408 · Totolink · Totolink N350Rt

Name of the Vulnerable Software and Affected Versions: TOTOLINK N350RT version 9.3.5u.6139 B20201216 Description: A command injection issue was found via the FileName parameter in the UploadFirmwareFile function. Recommendations: For version 9.3.5u.6139 B20201216, consider restricting access to t...

7.8CVSS7.9AI score0.01099EPSS
Exploits1References2
CNNVD
CNNVD
added 2022/08/25 12:0 a.m.5 views

TOTOLINK N350RT 操作系统命令注入漏洞

The TOTOLINK N350RT is a small home router from China's Gion Electronics TOTOLINK. An operating system command injection vulnerability exists in the TOTOLINK N350RT version V9.3.5u.6139B20201216, which stems from a command injection issue with the FileName parameter of the UploadFirmwareFile meth...

7.8CVSS5.6AI score0.01099EPSS
Exploits1References2
Rows per page
Query Builder