9 matches found
TOTOLINK A720R Command Injection Vulnerability (CNVD-2025-29710)
TOTOLINK A720R is a wireless router from China's Gion Electronics TOTOLINK with dual-band Wi-Fi capabilities, focusing on high-speed internet and signal coverage. The TOTOLINK A720R suffers from a command injection vulnerability that stems from the unvalidated magicid and url parameters in the...
CVE-2025-60682
A command injection vulnerability exists in the ToToLink A720R Router firmware V4.1.5cu.614B20230630 within the cloudupdatecheck binary, specifically in the sub402414 function that handles cloud update parameters. User-supplied 'magicid' and 'url' values are directly concatenated into shell...
TOTOLINK A720R 安全漏洞
TOTOLINK A720R is a wireless router from China's Gion Electronics TOTOLINK with dual-band Wi-Fi capabilities, focusing on high-speed internet and signal coverage. The TOTOLINK A720R suffers from a command injection vulnerability that stems from the unvalidated magicid and url parameters in the...
EUVD-2021-30575
Malicious code in bioql PyPI...
CVE-2021-43663
totolink EX300v2 V4.0.3c.140B20210429 was discovered to contain a command injection vulnerability via the component cloudupdatecheck...
CVE-2021-43663
totolink EX300v2 V4.0.3c.140B20210429 was discovered to contain a command injection vulnerability via the component cloudupdatecheck...
Command injection
totolink EX300v2 V4.0.3c.140B20210429 was discovered to contain a command injection vulnerability via the component cloudupdatecheck...
CVE-2021-43663
totolink EX300v2 V4.0.3c.140B20210429 was discovered to contain a command injection vulnerability via the component cloudupdatecheck...
CVE-2021-43663
The CVE-2021-43663 entry concerns TotoLink EX300_v2, version 4.0.3c.140_B20210429, with a command-injection flaw in the cloudupdate_check component. Public CNVD/CNNVD entries describe an unauthenticated remote code-execution risk that can be exploited via a MITM attack, potentially allowing the a...