ARRIS TR3300 Command Injection Vulnerability

ARRIS TR3300 is an 802.11ac Wi-Fi router from ARRIS U.S.A. A command injection vulnerability exists in ARRIS TR3300, which stems from the failure of the hostname parameter in the dhcp function to properly filter the construct command special characters, commands, etc. An attacker could use this...

ARRIS TR3300 Command Injection Vulnerability (CNVD-2022-68526)

ARRIS TR3300 is an 802.11ac Wi-Fi router from ARRIS U.S.A. A command injection vulnerability exists in ARRIS TR3300, which stems from the failure of the htimezone parameter in the time zone function to properly filter the construct command special characters, commands, etc. The vulnerability can ...

ARRIS TR3300 Command Injection Vulnerability (CNVD-2022-68528)

ARRIS TR3300 is an 802.11ac Wi-Fi router from ARRIS U.S.A. A command injection vulnerability exists in ARRIS TR3300, which stems from the pppoeusername, pppoepasswd, and pppoeservicename parameters in the pppoe function failing to properly filter the construct command special characters, commands...

ARRIS TR3300 Command Injection Vulnerability (CNVD-2022-68529)

The ARRIS TR3300 is an 802.11ac Wi-Fi router from ARRIS, Inc. A command injection vulnerability exists in the ARRIS TR3300, which stems from the failure of the wanipstat, wanmaskstat, wangwstat, and wandns1stat parameters in the ip function to properly filter the construct command special...

Multiple ARRIS Product Command Injection Vulnerabilities (CNVD-2022-68534)

ARRIS SBR-AC1900P, SBR-AC3200P and SBR-AC1200P is a Wi-Fi router from ARRIS USA. Multiple ARRIS products are vulnerable to a command injection vulnerability, which stems from the TimeZone parameter in the ntp function failing to properly filter the construct command special characters, commands,...

Multiple ARRIS product command injection vulnerabilities

ARRIS SBR-AC1900P, SBR-AC3200P and SBR-AC1200P is a Wi-Fi router from ARRIS, Inc. Multiple ARRIS products are vulnerable to a command injection vulnerability, which stems from the DdnsUserName, DdnsHostName, and DdnsPassword parameters in the ddns function failing to properly filter the construct...

Multiple ARRIS Product Command Injection Vulnerabilities (CNVD-2022-68531)

ARRIS SBR-AC1900P, SBR-AC3200P and SBR-AC1200P is a Wi-Fi router from ARRIS USA. Multiple ARRIS products command injection vulnerability, which stems from the firewall local logging feature failing to properly filter constructed command special characters, commands, etc. An attacker could exploit...

CVE-2022-26993

Arris routers SBR-AC1900P 1.0.7-B05, SBR-AC3200P 1.0.7-B05 and SBR-AC1200P 1.0.5-B05 were discovered to contain a command injection vulnerability in the pppoe function via the pppoeUserName, pppoePassword, and pppoeService parameters. This vulnerability allows attackers to execute arbitrary...

CVE-2022-26213

Totolink X5000RFirmware v9.1.0u.6118B20201102 was discovered to contain a command injection vulnerability in the function setNtpCfg, via the tz parameters. This vulnerability allows attackers to execute arbitrary commands via a crafted request...

CVE-2022-27005

CVE-2022-27005 affects Totolink X5000R (version 9.1.0u.6118_B20201102) and Totolink A7000R (version 9.1.0u.6115_B20201022). The Red Hat/PRION/CVE ecosystem entries describe a command-injection in the setWanCfg function via the hostName parameter, enabling arbitrary command execution through a cra...

CVE-2022-26207

Totolink devices Totolink A830R, A3100R, A950RG, A800R, A3000RU and A810R are affected by a command-injection in the function setDiagnosisCfg via the ipDoamin parameter. Successful exploitation could allow arbitrary command execution. The Red Hat/PRION/CPAI coverage consistently references the sa...

ARRIS TR3300 命令注入漏洞

ARRIS TR3300 is an 802.11ac Wi-Fi router from ARRIS U.S.A. A command injection vulnerability exists in ARRIS TR3300, which stems from the failure of the htimezone parameter in the time zone function to properly filter the construct command special characters, commands, etc. The vulnerability can ...

ARRIS SBR-AC1900P和ARRIS SBR-AC3200P 操作系统命令注入漏洞

ARRIS SBR-AC1900P, SBR-AC3200P and SBR-AC1200P is a Wi-Fi router from ARRIS USA. Multiple ARRIS products are vulnerable to a command injection vulnerability, which stems from the TimeZone parameter in the ntp function failing to properly filter the construct command special characters, commands,...

TotoLink X5000R 操作系统命令注入漏洞

Totolink X5000R is a router from China-based Jion Electronics Totolink. a command injection vulnerability exists in Totolink X5000R v9.1.0u.6118B20201102, which stems from a failure of the tz parameter in the setNtpCfg function to properly filter the special element of the constructed command. An...

ARRIS TR3300 命令注入漏洞

ARRIS TR3300 is an 802.11ac Wi-Fi router from ARRIS U.S.A. A command injection vulnerability exists in ARRIS TR3300, which stems from the failure of the hostname parameter in the dhcp function to properly filter the construct command special characters, commands, etc. An attacker could use this...

TOTOLINK X5000R和TOTOLINK A7000R 操作系统命令注入漏洞

Totolink X5000R is a router from Totolink China.TotoLink A7000R is a wireless router from TotoLink China. A security vulnerability exists in the X5000R V9.1.0u.6118B20201102 and A7000R V9.1.0u.6115B20201022 of Totolink routers, which can be exploited by an attacker to execute arbitrary commands v...

多款TotoLink产品操作系统命令注入漏洞

Totolink A830R/A3100R/A950RG/A800R/A3000RU/A810R products are one of the routers from Totolink China. Several TotoLink products have a command injection vulnerability, which can be exploited by attackers to execute arbitrary commands via crafted requests...

ARRIS SBR-AC1900P和ARRIS SBR-AC3200P 操作系统命令注入漏洞

ARRIS SBR-AC1900P, SBR-AC3200P and SBR-AC1200P is a Wi-Fi router from ARRIS, Inc. Multiple ARRIS products are vulnerable to a command injection vulnerability, which stems from the pptpUserName and pptpPassword parameters in the pptp function failing to properly filter the construct command specia...

TOTOLINK X5000R和TOTOLINK A7000R 操作系统命令注入漏洞

Totolink X5000R is a router from Totolink, China.TotoLink A7000R is a wireless router from TotoLink, China.Totolink routers X5000R V9.1.0u.6118B20201102 and A7000R V9.1.0u.6115 B20201022 contain a security vulnerability that allows attackers to execute arbitrary commands via crafted requests...

ARRIS TR3300 命令注入漏洞

ARRIS TR3300 is an 802.11ac Wi-Fi router from ARRIS U.S.A. A command injection vulnerability exists in ARRIS TR3300, which stems from the failure of the pptpfixip, pptpfixmask, pptpfixgw, and wandns1stat parameters in the pptp function. properly filter the construct command special characters,...