119 matches found
CVE-2024-41314
TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection vulnerability via the iface parameter in the vifdisable function...
CVE-2024-41318
TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection vulnerability via the ifname parameter in the apcliwpsgenpincode function...
CVE-2024-41315
TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection vulnerability via the ifname parameter in the apclidoenrpinwps function...
CVE-2024-41319
TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection vulnerability via the cmd parameter in the webcmd function...
CVE-2024-41320
TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection vulnerability via the ifname parameter in the getapcliconninfo function...
EUVD-2025-9759
Malicious code in bioql PyPI...
EUVD-2024-53544
Malicious code in bioql PyPI...
EUVD-2024-53542
Malicious code in bioql PyPI...
EUVD-2024-53543
Malicious code in bioql PyPI...
EUVD-2024-53541
Malicious code in bioql PyPI...
CVE-2024-37626
A command injection issue in TOTOLINK A6000R V1.0.1-B20201211.2000 firmware allows a remote attacker to execute arbitrary code via the iface parameter in the vifenable function...
CVE-2024-57214
TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection vulnerability via the devname parameter in the resetwifi function...
CVE-2024-57212
TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection vulnerability via the opmode parameter in the actionreboot function...
CVE-2024-57213
TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection vulnerability via the newpasswd parameter in the actionpasswd function...
CVE-2024-57211
TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection vulnerability via the modifyOne parameter in the enablewsh function...
CVE-2024-41316
TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection vulnerability via the ifname parameter in the apclicancelwps function...
CVE-2024-41317
TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection vulnerability via the ifname parameter in the apclidoenrpbcwps function...
TOTOLINK A6000R Command Injection Vulnerability
The TOTOLINK A6000R is a high performance wireless router. A command injection vulnerability exists in TOTOLINK A6000R. The vulnerability stems from the mishandling of the apclicancelwps function, and no detailed vulnerability details are provided at this time...
CVE-2025-3249
A vulnerability classified as critical was found in TOTOLINK A6000R 1.0.1-B20201211.2000. Affected by this vulnerability is the function apclicancelwps of the file /usr/lib/lua/luci/controller/mtkwifi.lua. The manipulation leads to command injection. The attack can be launched remotely. The explo...
CVE-2025-3249
A vulnerability classified as critical was found in TOTOLINK A6000R 1.0.1-B20201211.2000. Affected by this vulnerability is the function apclicancelwps of the file /usr/lib/lua/luci/controller/mtkwifi.lua. The manipulation leads to command injection. The attack can be launched remotely. The explo...