9789 matches found
CVE-2023-51016
TOTOlink EX1800T v9.1.0cu.2112B20220316 is vulnerable to unauthorized arbitrary command execution in the setRebootScheCfg interface of the cstecgi .cgi...
CVE-2023-51019
TOTOlink EX1800T v9.1.0cu.2112B20220316 is vulnerable to unauthorized arbitrary command execution in the ‘key5g’ parameter of the setWiFiExtenderConfig interface of the cstecgi .cgi...
CVE-2023-51012
TOTOlink EX1800T v9.1.0cu.2112B20220316 is vulnerable to unauthorized arbitrary command execution in the lanGateway parameter’ of the setLanConfig interface of the cstecgi .cgi...
CVE-2023-50147
There is an arbitrary command execution vulnerability in the setDiagnosisCfg function of the cstecgi .cgi of the TOTOlink A3700R router device in its firmware version V9.1.2u.5822B20200513...
Command injection
TOTOlink EX1800T v9.1.0cu.2112B20220316 is vulnerable to unauthorized arbitrary command execution in the lanNetmask parameter’ of the setLanConfig interface of the cstecgi .cgi...
CVE-2023-51026
TOTOlink EX1800T V9.1.0cu.2112B20220316 is vulnerable to unauthorized arbitrary command execution in the ‘hour’ parameter of the setRebootScheCfg interface of the cstecgi .cgi...
CVE-2023-51027
TOTOlink EX1800T V9.1.0cu.2112B20220316 is vulnerable to unauthorized arbitrary command execution in the ‘apcliAuthMode’ parameter of the setWiFiExtenderConfig interface of the cstecgi .cgi...
Command injection
TOTOlink EX1800T v9.1.0cu.2112B20220316 is vulnerable to arbitrary command execution in the ‘hosttime’ parameter of the NTPSyncWithHost interface of the cstecgi .cgi...
TOTOLINK EX1800T 安全漏洞
The TOTOLINK EX1800T is a Wi-Fi range extender from China's Gion Electronics TOTOLINK. A command execution vulnerability exists in the TOTOLINK EX1800T lanIp parameter. The vulnerability stems from the failure of the lanIp parameter of the setLanConfig interface of cstecgi .cgi to properly filter...
TOTOLINK EX1800T 安全漏洞
The TOTOLINK EX1800T is a Wi-Fi range extender from China's Gion Electronics TOTOLINK. A command execution vulnerability exists in the TOTOLINK EX1800T version v9.1.0cu.2112B20220316. The vulnerability stems from the hosttime parameter of the NTPSyncWithHost interface of cstecgi .cgi failing to...
CVE-2023-51012
TOTOlink EX1800T v9.1.0cu.2112B20220316 is vulnerable to unauthorized arbitrary command execution in the lanGateway parameter’ of the setLanConfig interface of the cstecgi .cgi...
PT-2023-8034 · Totolink · Totolink Ex1800T
Name of the Vulnerable Software and Affected Versions: TOTOlink EX1800T version 9.1.0cu.2112 B20220316 Description: The issue concerns arbitrary command execution in the host time parameter of the NTPSyncWithHost interface of the cstecgi .cgi. This vulnerability exists due to the lack of measures...
CVE-2023-51014
TOTOLINK EX1800T V9.1.0cu.2112B20220316 is vulnerable to unauthorized arbitrary command execution in the lanSecDns parameter’ of the setLanConfig interface of the cstecgi .cgi...
CVE-2023-51011
TOTOlink EX1800T v9.1.0cu.2112B20220316 is vulnerable to unauthorized arbitrary command execution in the lanPriDns parameter’ of the setLanConfig interface of the cstecgi .cgi...
CVE-2023-51018
CVE-2023-51018 affects TOTOLINK EX1800T, version 9.1.0cu.2112_B20220316, where the opmode parameter of the setWiFiApConfig interface in cstecgi.cgi allows unauthorized arbitrary command execution. Root cause cited across sources is inadequate input filtering for constructed commands in opmode, en...
CVE-2023-51024
TOTOlink EX1800T v9.1.0cu.2112B20220316 is vulnerable to unauthorized arbitrary command execution in the ‘tz’ parameter of the setNtpCfg interface of the cstecgi .cgi...
CVE-2023-51019
TOTOlink EX1800T v9.1.0cu.2112B20220316 is vulnerable to unauthorized arbitrary command execution in the ‘key5g’ parameter of the setWiFiExtenderConfig interface of the cstecgi .cgi...
CVE-2023-51016
CVE-2023-51016 applies to TOTOLINK EX1800T v9.1.0cu.2112_B20220316, where the setRebootScheCfg interface in cstecgi.cgi permits unauthorized arbitrary command execution. Affected component/function: setRebootScheCfg in cstecgi.cgi; root cause is an exploitable command execution pathway. Reported ...
CVE-2023-51026
The CVE-2023-51026 entry affects TOTOLINK EX1800T (version 9.1.0cu.2112_B20220316). The vulnerability is an unauthenticated, arbitrary command execution in the hour parameter of the setRebootScheCfg interface of the cstecgi .cgi, caused by improper input handling/filtering. Public sources consist...
CVE-2023-51020
TOTOlink EX1800T v9.1.0cu.2112B20220316 is vulnerable to unauthorized arbitrary command execution in the ‘langType’ parameter of the setLanguageCfg interface of the cstecgi .cgi...