CVE-2023-52039

An issue discovered in TOTOLINK X6000R v9.4.0cu.852B20230719 allows attackers to run arbitrary commands via the sub415AA4 function...

TOTOLINK X2000R Command Injection Vulnerability

TOTOLINK X2000R is a wireless router from China's Gion Electronics TOTOLINK. A command injection vulnerability exists in TOTOLINK X2000R version 1.0.0-B20221212.1452, which stems from the macstr parameter of the formMapDelDevice function of the /boafrm/formMapDelDevice file failing to correctly...

CVE-2023-52040

An issue discovered in TOTOLINK X6000R v9.4.0cu.852B20230719 allows attackers to run arbitrary commands via the sub41284C function...

CVE-2023-52040

Affected product: TOTOLINK X6000R (v9.4.0cu.852_B20230719). Issue: Command injection via the sub_41284C function, allowing attackers to run arbitrary commands. Root cause / component: Vulnerability in the sub_41284C routine. Impact: Ability to execute arbitrary commands with high impact (per CVE ...

CVE-2023-52038

An issue discovered in TOTOLINK X6000R v9.4.0cu.852B20230719 allows attackers to run arbitrary commands via the sub415C80 function...

PT-2024-14369 · Totolink · Totolink X6000R

Name of the Vulnerable Software and Affected Versions: TOTOLINK X6000R version 9.4.0cu.852 B20230719 Description: An issue in TOTOLINK X6000R allows attackers to run arbitrary commands via the sub 41284C function. Recommendations: For TOTOLINK X6000R version 9.4.0cu.852 B20230719, consider...

CVE-2023-52039

The CVE-2023-52039 issue affects TOTOLINK X6000R (v9.4.0cu.852_B20230719). A command-injection vulnerability exists in the sub_415AA4 function, enabling an attacker to execute arbitrary commands remotely over the network. The NVD/CNNVD entries confirm a high-severity impact (C/H/I/A = High) with ...

CVE-2023-52038

An issue discovered in TOTOLINK X6000R v9.4.0cu.852B20230719 allows attackers to run arbitrary commands via the sub415C80 function...

TOTOLINK A3700R 安全漏洞

The TOTOLINK A3700R is a wireless router from China's Gion Electronics TOTOLINK. The TOTOLINK A3700R is vulnerable to a command injection vulnerability that stems from the setOpModeCfg method failing to properly filter constructed command special characters, commands, and more. An attacker can...

The vulnerability of the macOS operating system’s terminal emulator allows a hacker to disclose protected information.

The vulnerability of the macOS terminal emulator is related to the lack of protection for service data. Exploiting this vulnerability allows a hacker to execute arbitrary control commands...

The vulnerability of the AIX operating system, related to the execution of operations beyond the buffer in memory, allows an attacker to execute arbitrary commands.

The vulnerability of the AIX operating system is related to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability allows an attacker to execute arbitrary commands using invscout...

The vulnerability of the software for managing and controlling access to corporate resources and IBM Security Verify Governance applications lies in the insufficient validation of arguments passed to the command line. This allows attackers to execute arbitrary commands.

The vulnerability of the software for managing and controlling access to corporate resources and applications of IBM Security Verify Governance is related to insufficient validation of arguments passed to the command line. Exploiting this vulnerability allows a malicious actor to execute arbitrar...

CVE-2023-52042

An issue discovered in sub4117F8 function in TOTOLINK X6000R V9.4.0cu.852B20230719 allows attackers to run arbitrary commands via the 'lang' parameter...

TOTOLINK X6000R 安全漏洞

TOTOLINK X6000R is a wireless router from China's Gion Electronics TOTOLINK. The TOTOLINK X6000R suffers from a code execution vulnerability that stems from the application's failure to properly filter construct command special characters, commands, etc. An attacker can exploit the vulnerability ...

TOTOLINK A3700R setDiagnosisCfg Method Command Injection Vulnerability

The TOTOLINK A3700R is a wireless router from China's Gion Electronics TOTOLINK. A command injection vulnerability exists in TOTOLINK A3700R version v9.1.2u.5822B20200513, which stems from the setDiagnosisCfg method failing to correctly filter constructed command special characters, commands, and...

TOTOLINK A3700R NTPSyncWithHost Method Command Injection Vulnerability

The TOTOLINK A3700R is a wireless router from China's Gion Electronics TOTOLINK. A command injection vulnerability exists in TOTOLINK A3700R v9.1.2u.5822B20200513, which stems from the NTPSyncWithHost method failing to properly filter construct command special characters, commands, and so on. An...

TOTOLINK A3300R setWanCfg Method Command Injection Vulnerability

The TOTOLINK A3300R is a wireless router from China's Gion Electronics TOTOLINK. A command injection vulnerability exists in the TOTOLINK A3300R version V17.0.0cu.557B20221024, which stems from the hostName parameter of the setWanCfg method failing to correctly filter the construct command specia...

TOTOLINK A3300R setScheduleCfg Method Command Injection Vulnerability

TOTOLINK A3300R is a wireless router from China's Gion Electronics TOTOLINK. A command injection vulnerability exists in the TOTOLINK A3300R version V17.0.0cu.557B20221024, which stems from the minute parameter of the setScheduleCfg method failing to correctly filter construct command special...

TOTOLINK A3300R setNtpCfg Method Command Injection Vulnerability

TOTOLINK A3300R is a wireless router from China's Gion Electronics TOTOLINK. A command injection vulnerability exists in the TOTOLINK A3300R version V17.0.0cu.557B20221024, which stems from the tz parameter of the setNtpCfg method failing to correctly filter construct command special characters,...

TOTOLINK A3300R setDdnsCfg Method Command Injection Vulnerability

TOTOLINK A3300R is a wireless router from China's Gion Electronics TOTOLINK. A command injection vulnerability exists in the TOTOLINK A3300R version V17.0.0cu.557B20221024, which stems from the username parameter of the setDdnsCfg method failing to correctly filter construct command special...