Lucene search
+L

28 matches found

cnnvd
cnnvd
added 2024/11/27 12:0 a.m.6 views

TOTOLINK多款产品 安全漏洞

TOTOLINK A3002RU and others are products of China's Gion Electronics TOTOLINK.TOTOLINK A3002RU is a wireless router product.TOTOLINK N300RT is a wireless router that complies with the 802.11n standard.TOTOLINK N150RT is a wireless router. A security vulnerability exists in several TOTOLINK...

6.8CVSS7.4AI score0.0379EPSS
Exploits0References1
osv
osv
added 2024/02/29 1:42 a.m.3 views

CVE-2023-51835

An issue in TRENDnet TEW-822DRE v.1.03B02 allows a local attacker to execute arbitrary code via the parameters ipv4ping in the /boafrm/formSystemCheck...

6.8CVSS6.1AI score0.07319EPSS
Exploits1References2
ptsecurity
ptsecurity
added 2024/02/01 12:0 a.m.5 views

PT-2024-14308 · Trendnet · Trendnet Tew-822Dre

Name of the Vulnerable Software and Affected Versions: TRENDnet TEW-822DRE version 1.03B02 Description: An issue allows a local attacker to execute arbitrary code via the ipv4 ping parameter in the "/boafrm/formSystemCheck" API endpoint. Recommendations: For TRENDnet TEW-822DRE version 1.03B02,...

6.8CVSS7.4AI score0.07319EPSS
Exploits1References5
vulncheck_kev
vulncheck_kev
added 2021/11/11 12:0 a.m.4 views

VulnCheck KEV: CVE-2019-19824

On certain TOTOLINK Realtek SDK based routers, an authenticated attacker may execute arbitrary OS commands via the sysCmd parameter to the boafrm/formSysCmd URI, even if the GUI syscmd.htm is not available. This allows for full control over the device's internals. This affects A3002RU through...

9CVSS7.5AI score0.25135EPSS
Exploits3References1
nvd
nvd
added 2020/01/27 6:15 p.m.26 views

CVE-2019-19824

On certain TOTOLINK Realtek SDK based routers, an authenticated attacker may execute arbitrary OS commands via the sysCmd parameter to the boafrm/formSysCmd URI, even if the GUI syscmd.htm is not available. This allows for full control over the device's internals. This affects A3002RU through...

9CVSS8.9AI score0.25135EPSS
Exploits3References5
osv
osv
added 2020/01/27 6:15 p.m.6 views

CVE-2019-19824

On certain TOTOLINK Realtek SDK based routers, an authenticated attacker may execute arbitrary OS commands via the sysCmd parameter to the boafrm/formSysCmd URI, even if the GUI syscmd.htm is not available. This allows for full control over the device's internals. This affects A3002RU through...

8.8CVSS7.5AI score0.25135EPSS
Exploits3References5
nvd
nvd
added 2020/01/27 5:15 p.m.22 views

CVE-2019-19825

On certain TOTOLINK Realtek SDK based routers, the CAPTCHA text can be retrieved via an "topicurl":"setting/getSanvas" POST to the boafrm/formLogin URI, leading to a CAPTCHA bypass. Also, the CAPTCHA text is not needed once the attacker has determined valid credentials. The attacker can perform...

9.8CVSS9.4AI score0.29557EPSS
Exploits3References4
prion
prion
added 2020/01/27 5:15 p.m.21 views

Design/Logic Flaw

On certain TOTOLINK Realtek SDK based routers, the CAPTCHA text can be retrieved via an "topicurl":"setting/getSanvas" POST to the boafrm/formLogin URI, leading to a CAPTCHA bypass. Also, the CAPTCHA text is not needed once the attacker has determined valid credentials. The attacker can perform...

7.5CVSS9.2AI score0.29557EPSS
Exploits3References4Affected Software8
Rows per page
Query Builder