7 matches found
PT-2024-5478 · Totolink · Totolink N350Rt
Name of the Vulnerable Software and Affected Versions: TOTOLINK N350RT version 9.3.5u.6139 B20201216 Description: A critical issue affects the setParentalRules function of the /cgi-bin/cstecgi.cgi file, causing a buffer overflow when the week, sTime, and eTime parameters are manipulated. This can...
PT-2024-1319 · Totolink · Totolink N200Re
Name of the Vulnerable Software and Affected Versions: Totolink N200RE versions 9.3.5u.6139 B20201216 Description: The issue is related to a buffer overflow in the loginAuth function of the cstecgi.cgi script in the Totolink N200RE router's firmware. This can be exploited by a remote attacker to...
PT-2024-1072 · Totolink · Totolink N200Re
Name of the Vulnerable Software and Affected Versions: Totolink N200RE version 9.3.5u.6139 B20201216 Description: A critical issue affects the setTracerouteCfg function of the /cgi-bin/cstecgi.cgi file, allowing remote attackers to exploit the vulnerability. The manipulation of the command argume...
CVE-2022-36482
TOTOLINK N350RT V9.3.5u.6139B20201216 was discovered to contain a command injection vulnerability via the lang parameter in the function setLanguageCfg...
PT-2022-23403 · Totolink · Totolink N350Rt
Name of the Vulnerable Software and Affected Versions: TOTOLINK N350RT version 9.3.5u.6139 B20201216 Description: A command injection issue was found via the ip parameter in the setDiagnosisCfg function, allowing potential exploitation. Recommendations: For TOTOLINK N350RT version 9.3.5u.6139...
PT-2022-23408 · Totolink · Totolink N350Rt
Name of the Vulnerable Software and Affected Versions: TOTOLINK N350RT version 9.3.5u.6139 B20201216 Description: A command injection issue was found via the FileName parameter in the UploadFirmwareFile function. Recommendations: For version 9.3.5u.6139 B20201216, consider restricting access to t...
TOTOLINK N350RT 操作系统命令注入漏洞
The TOTOLINK N350RT is a small home router from China's Gion Electronics TOTOLINK. An operating system command injection vulnerability exists in the TOTOLINK N350RT version V9.3.5u.6139B20201216, which stems from a command injection issue with the FileName parameter of the UploadFirmwareFile meth...