TOTOLINK CPE CP450 setWebWlanIdx Method Command Injection Vulnerability

TOTOLINK CPE CP450 is an outdoor wireless client terminal device manufactured by China Gion Electronics TOTOLINK. The TOTOLINK CPE CP450 suffers from a command injection vulnerability that stems from the webWlanIdx parameter of the setWebWlanIdx method failing to correctly filter constructed...

TOTOLINK CPE CP450 setUpgradeFW Method Command Injection Vulnerability

TOTOLINK CPE CP450 is an outdoor wireless client terminal device manufactured by China Gion Electronics TOTOLINK. The TOTOLINK CPE CP450 suffers from a command injection vulnerability that stems from the FileName parameter of the setUpgradeFW method failing to properly filter constructor command...

CVE-2024-34203

TOTOLINK CP450 v4.1.0cu.747B20191224 was discovered to contain a stack buffer overflow vulnerability in the setLanguageCfg function...

TOTOLINK CPE CP450 安全漏洞

TOTOLINK CPE CP450 is an outdoor wireless client terminal device from China Gion Electronics TOTOLINK, which is mainly used to provide wireless broadband access services, especially for wireless network coverage in rural or remote areas. A security vulnerability exists in the TOTOLINK CPE CP450...

PT-2024-25741 · Totolink · Totolink Outdoor Cpe Cp450

Name of the Vulnerable Software and Affected Versions: TOTOLINK outdoor CPE CP450 version 4.1.0cu.747 B20191224 Description: A command injection issue was found in the setWebWlanIdx function via the webWlanIdx parameter. Recommendations: For version 4.1.0cu.747 B20191224, consider disabling the...