TOTOLINK X5000R Limit Parameter Command Injection Vulnerability in the setVpnAccountCfg Function

The TOTOLINK X5000R is a router from China's Gion Electronics TOTOLINK. A command injection vulnerability exists in the TOTOLINK X5000R version V9.1.0cu.2350B20230313, which stems from the "limit" parameter in setVpnAccountCfg failing to correctly filter constructor special characters, commands,...

TOTOLINK X5000R sMinute Parameter Command Injection Vulnerability in the setWiFiScheduleCfg Function

The TOTOLINK X5000R is a router from China's Gion Electronics TOTOLINK. A command injection vulnerability exists in TOTOLINK X5000R version V9.1.0cu.2350B20230313, which stems from the "sMinute" parameter in setWiFiScheduleCfg failing to correctly filter constructed command special characters,...

WAVLINK AC3000 nas.cgi disk_part parameter command injection vulnerability in the nas.cgi add_dir function

WAVLINK AC3000 is a wireless router from China Ruiyin WAVLINK. A command injection vulnerability exists in the WAVLINK AC3000 M33A8.V5030.210505 version, which stems from the diskpart parameter of the nas.cgi adddir function failing to correctly filter the constructor command special characters,...

TOTOLINK X5000R setVpnAccountCfg function pass parameter command injection vulnerability

The TOTOLINK X5000R is a router from China's Gion Electronics TOTOLINK. A command injection vulnerability exists in the TOTOLINK X5000R version V9.1.0cu.2350B20230313, which stems from the "pass" parameter in setVpnAccountCfg failing to correctly filter constructor special characters, commands,...

TOTOLINK X5000R sHour Parameter Command Injection Vulnerability in the setWiFiScheduleCfg Function

The TOTOLINK X5000R is a router from China's Gion Electronics TOTOLINK. A command injection vulnerability exists in TOTOLINK X5000R version V9.1.0cu.2350B20230313, which stems from the "sHour" parameter in setWiFiScheduleCfg failing to correctly filter constructed command special characters,...

WAVLINK AC3000 adm.cgi restart_min parameter command injection vulnerability in sch_reboot function

WAVLINK AC3000 is a wireless router from China Ruiyin WAVLINK. A command injection vulnerability exists in the WAVLINK AC3000 M33A8.V5030.210505 version, which originates from the failure of the restartmin parameter of the adm.cgi schreboot function to correctly filter the constructor command...

WAVLINK AC3000 adm.cgi restart_week parameter command injection vulnerability in sch_reboot function

WAVLINK AC3000 is a wireless router from China RuiYin WAVLINK. A command injection vulnerability exists in the WAVLINK AC3000 M33A8.V5030.210505 version, which originates from the failure of the restartweek parameter of the adm.cgi schreboot function to correctly filter construct command special...

WAVLINK AC3000 adm.cgi set_MeshAp function command injection vulnerability

WAVLINK AC3000 is a wireless router from China Ruiyin WAVLINK. A command injection vulnerability exists in the WAVLINK AC3000 M33A8.V5030.210505 version, which stems from the failure of the adm.cgi setMeshAp function to properly filter constructed command special characters, commands, etc. The...

WAVLINK AC3000 adm.cgi set_TR069 Function Command Injection Vulnerability

WAVLINK AC3000 is a wireless router from China Ruiyin WAVLINK. A command injection vulnerability exists in the WAVLINK AC3000 M33A8.V5030.210505 version, which stems from the failure of the adm.cgi setTR069 function to correctly filter constructed command special characters, commands, etc. The...

WAVLINK AC3000 internet.cgi set_add_routing function's gateway parameter command injection vulnerability

WAVLINK AC3000 is a wireless router from China Ruiyin WAVLINK. A command injection vulnerability exists in the WAVLINK AC3000 M33A8.V5030.210505 version, which originates from the failure of the gateway parameter of the internet.cgi setaddrouting function to correctly filter the construct command...

WAVLINK AC3000 login.cgi restart_min_value parameter command injection vulnerability in set_sys_init function

WAVLINK AC3000 is a wireless router from China Ruiyin WAVLINK. A command injection vulnerability exists in the WAVLINK AC3000 M33A8.V5030.210505 version, which stems from the restartminvalue parameter of the login.cgi setsysinit function failing to correctly filter the constructor command special...

WAVLINK AC3000 login.cgi restart_hour_value parameter command injection vulnerability in set_sys_init function

WAVLINK AC3000 is a wireless router from China Ruiyin WAVLINK. A command injection vulnerability exists in the WAVLINK AC3000 M33A8.V5030.210505 version, which stems from the restarthourvalue parameter of the login.cgi setsysinit function failing to correctly filter the constructor command specia...

WAVLINK AC3000 nas.cgi add_dir function's adddir_name parameter command injection vulnerability

WAVLINK AC3000 is a wireless router from China Ruiyin WAVLINK. A command injection vulnerability exists in the WAVLINK AC3000 M33A8.V5030.210505 version, which stems from the failure of the adddirname parameter of the nas.cgi adddir function to correctly filter construct command special character...

WAVLINK AC3000 nas.cgi set_smb_cfg function command injection vulnerability

WAVLINK AC3000 is a wireless router from China Ruiyin WAVLINK. A command injection vulnerability exists in the WAVLINK AC3000 M33A8.V5030.210505 version, which stems from the nas.cgi setsmbcfg function failing to correctly filter constructed command special characters, commands, etc. The...

TOTOLINK X5000R setScheduleCfg function's hour parameter command injection vulnerability

The TOTOLINK X5000R is a router from China's Gion Electronics TOTOLINK. A command injection vulnerability exists in the TOTOLINK X5000R version V9.1.0cu.2350B20230313, which stems from the "hour" parameter in setScheduleCfg failing to correctly filter constructed command special characters,...

TOTOLINK X5000R recHour Parameter Command Injection Vulnerability in the setScheduleCfg Function

The TOTOLINK X5000R is a router from China's Gion Electronics TOTOLINK. A command injection vulnerability exists in the TOTOLINK X5000R version V9.1.0cu.2350B20230313, which stems from the "recHour" parameter in setScheduleCfg failing to correctly filter for constructor special characters,...

WAVLINK AC3000 firewall.cgi iptablesWebsFilterRun Function Command Injection Vulnerability

WAVLINK AC3000 is a wireless router from China Ruiyin WAVLINK. A command injection vulnerability exists in the WAVLINK AC3000 M33A8.V5030.210505 version, which stems from the firewall.cgi iptablesWebsFilterRun function failing to correctly filter constructor command special characters, commands,...

TOTOLINK X5000R setScheduleCfg function week parameter command injection vulnerability

The TOTOLINK X5000R is a router from China's Gion Electronics TOTOLINK. A command injection vulnerability exists in the TOTOLINK X5000R version V9.1.0cu.2350B20230313, which stems from the failure of the "week" parameter in setScheduleCfg to correctly filter for constructed command special...

Tenda AC10 注入漏洞

The Tenda AC10 is a wireless router from the Chinese company Tenda. A command injection vulnerability exists in Tenda AC10 version 16.03.10.20, which stems from the failure of the file /goform/telnet to properly filter constructed command special characters, commands, etc. An attacker could use...

WAVLINK AC3000 Command Injection Vulnerability (CNVD-2025-08327)

WAVLINK AC3000 is a wireless router from China Ruiyin WAVLINK. The WAVLINK AC3000 suffers from a command injection vulnerability that stems from the nas.cgi removedir function failing to properly filter constructor command special characters, commands, etc. The vulnerability can be exploited to...