Lucene search
K

80 matches found

NVD
NVD
added 2022/08/25 3:15 p.m.27 views

CVE-2022-37814

Tenda AC1206 V15.03.06.23 was discovered to contain multiple stack overflows via the deviceMac and the deviceid parameters in the function addWifiMacFilter...

9.8CVSS0.01013EPSS
Exploits1References1
Prion
Prion
added 2022/08/25 3:15 p.m.22 views

Stack overflow

Tenda AC1206 V15.03.06.23 was discovered to contain multiple stack overflows via the deviceMac and the deviceid parameters in the function addWifiMacFilter...

7.5CVSS9.4AI score0.01013EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2022/08/25 2:7 p.m.29 views

CVE-2022-37814

Tenda AC1206 V15.03.06.23 was discovered to contain multiple stack overflows via the deviceMac and the deviceid parameters in the function addWifiMacFilter...

9.7AI score0.01013EPSS
Exploits1References1
CNVD
CNVD
added 2022/05/12 12:0 a.m.29 views

TOTOLINK N600R Command Injection Vulnerability (CNVD-2022-53552)

TOTOLINK N600R is a wireless router from Taiwan-based TOTOLINK, China.A command injection vulnerability exists in TOTOLINK N600R, which can be exploited by attackers to conduct command injection attacks via the devicemac parameter in /setting/setDeviceName...

10CVSS5.4AI score0.02492EPSS
Exploits1References1
NVD
NVD
added 2022/05/10 2:15 p.m.35 views

CVE-2022-28905

TOTOLink N600R V5.3c.7159B20190425 was discovered to contain a command injection vulnerability via the devicemac parameter in /setting/setDeviceName...

10CVSS0.02492EPSS
Exploits1References1
OSV
OSV
added 2022/05/10 2:15 p.m.4 views

CVE-2022-28905

TOTOLink N600R V5.3c.7159B20190425 was discovered to contain a command injection vulnerability via the devicemac parameter in /setting/setDeviceName...

9.8CVSS7.3AI score0.02492EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2022/05/10 2:15 p.m.2 views

CVE-2022-28905

TOTOLink N600R V5.3c.7159B20190425 was discovered to contain a command injection vulnerability via the devicemac parameter in /setting/setDeviceName...

10CVSS7.2AI score0.02492EPSS
Exploits1References2
Prion
Prion
added 2022/05/10 2:15 p.m.14 views

Command injection

TOTOLink N600R V5.3c.7159B20190425 was discovered to contain a command injection vulnerability via the devicemac parameter in /setting/setDeviceName...

10CVSS9.7AI score0.02492EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2022/05/10 1:16 p.m.30 views

CVE-2022-28905

TOTOLink N600R V5.3c.7159B20190425 was discovered to contain a command injection vulnerability via the devicemac parameter in /setting/setDeviceName...

10AI score0.02492EPSS
Exploits1References1
CVE
CVE
added 2022/05/10 1:16 p.m.99 views

CVE-2022-28905

TOTOLink N600R (versions including V5.3c.7159_B20190425) contains a command injection vulnerability reachable through the devicemac parameter in the /setting/setDeviceName API. The root cause is an unsafely handled input in the devicemac field, enabling arbitrary command execution on the device. ...

10CVSS9.8AI score0.02492EPSS
Exploits1References1Affected Software1
Positive Technologies
Positive Technologies
added 2022/05/10 12:0 a.m.7 views

PT-2022-19300 · Totolink · Totolink N600R

Name of the Vulnerable Software and Affected Versions: TOTOLink N600R version V5.3c.7159 B20190425 Description: A command injection issue was found via the devicemac parameter in the "/setting/setDeviceName" API endpoint. This allows for potential command execution on the device. Recommendations:...

10CVSS9.5AI score0.02492EPSS
Exploits1References3
CNVD
CNVD
added 2022/03/17 12:0 a.m.15 views

Multiple TotoLink Product Command Injection Vulnerabilities (CNVD-2022-47975)

Totolink A830R/A3100R/A950RG/A800R/A3000RU/A810R and other products are one of the routers from Totolink China. A command injection vulnerability exists in several TotoLink products. The vulnerability stems from the failure of the deviceName parameter and deviceMac parameter in the...

9.8CVSS4.4AI score0.02806EPSS
Exploits1References1
OSV
OSV
added 2022/03/15 10:15 p.m.3 views

CVE-2022-26212

Totolink A830R V5.9c.4729B20191112, A3100R V4.1.2cu.5050B20200504, A950RG V4.1.2cu.5161B20200903, A800R V4.1.2cu.5137B20200730, A3000RU V5.9c.5185B20201128, and A810R V4.1.2cu.5182B20201026 were discovered to contain a command injection vulnerability in the function setDeviceName, via the deviceM...

9.8CVSS7.5AI score0.02806EPSS
Exploits1References1
NVD
NVD
added 2022/03/15 10:15 p.m.17 views

CVE-2022-26211

Totolink A830R V5.9c.4729B20191112, A3100R V4.1.2cu.5050B20200504, A950RG V4.1.2cu.5161B20200903, A800R V4.1.2cu.5137B20200730, A3000RU V5.9c.5185B20201128, and A810R V4.1.2cu.5182B20201026 were discovered to contain a command injection vulnerability in the function CloudACMunualUpdate, via the...

9.8CVSS0.02806EPSS
Exploits1References1
Prion
Prion
added 2022/03/15 10:15 p.m.15 views

Command injection

Totolink A830R V5.9c.4729B20191112, A3100R V4.1.2cu.5050B20200504, A950RG V4.1.2cu.5161B20200903, A800R V4.1.2cu.5137B20200730, A3000RU V5.9c.5185B20201128, and A810R V4.1.2cu.5182B20201026 were discovered to contain a command injection vulnerability in the function CloudACMunualUpdate, via the...

7.5CVSS9.9AI score0.02806EPSS
Exploits1References1Affected Software6
Prion
Prion
added 2022/03/15 10:15 p.m.18 views

Command injection

Totolink A830R V5.9c.4729B20191112, A3100R V4.1.2cu.5050B20200504, A950RG V4.1.2cu.5161B20200903, A800R V4.1.2cu.5137B20200730, A3000RU V5.9c.5185B20201128, and A810R V4.1.2cu.5182B20201026 were discovered to contain a command injection vulnerability in the function setDeviceName, via the deviceM...

7.5CVSS9.9AI score0.02806EPSS
Exploits1References1Affected Software6
Cvelist
Cvelist
added 2022/03/15 9:56 p.m.18 views

CVE-2022-26211

Totolink A830R V5.9c.4729B20191112, A3100R V4.1.2cu.5050B20200504, A950RG V4.1.2cu.5161B20200903, A800R V4.1.2cu.5137B20200730, A3000RU V5.9c.5185B20201128, and A810R V4.1.2cu.5182B20201026 were discovered to contain a command injection vulnerability in the function CloudACMunualUpdate, via the...

10AI score0.02806EPSS
Exploits1References1
Cvelist
Cvelist
added 2022/03/15 9:56 p.m.17 views

CVE-2022-26212

Totolink A830R V5.9c.4729B20191112, A3100R V4.1.2cu.5050B20200504, A950RG V4.1.2cu.5161B20200903, A800R V4.1.2cu.5137B20200730, A3000RU V5.9c.5185B20201128, and A810R V4.1.2cu.5182B20201026 were discovered to contain a command injection vulnerability in the function setDeviceName, via the deviceM...

10AI score0.02806EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2022/03/15 12:0 a.m.4 views

PT-2022-17725 · Totolink · Totolink A3100R +5

Name of the Vulnerable Software and Affected Versions: Totolink A830R version 5.9c.4729 B20191112 Totolink A3100R version 4.1.2cu.5050 B20200504 Totolink A950RG version 4.1.2cu.5161 B20200903 Totolink A800R version 4.1.2cu.5137 B20200730 Totolink A3000RU version 5.9c.5185 B20201128 Totolink A810R...

9.8CVSS9.8AI score0.02806EPSS
Exploits1References3
CVE
CVE
added 2018/10/28 12:0 a.m.55 views

CVE-2018-18731

CVE-2018-18731 affects Tenda AC7/AC9/AC10/AC15/AC18 devices (versions listed in initial documents) where a buffer overflow exists in the router’s httpd web server. During processing of the POST parameter 'deviceMac', the value is used directly in sprintf to a stack variable, which can override th...

7.8CVSS7.7AI score0.01141EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder