Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

130 matches found

OSV
OSVadded 2022/05/10 2:15 p.m.1 views

CVE-2022-28910

TOTOLink N600R V5.3c.7159B20190425 was discovered to contain a command injection vulnerability via the devicename parameter in /setting/setDeviceName...

9.8CVSS7.3AI score
Exploits0References1
ATTACKERKB
ATTACKERKBadded 2022/05/10 2:15 p.m.1 views

CVE-2022-29329

D-Link DAP-1330OSS-firmware1.00b21 was discovered to contain a heap overflow via the devicename parameter in /goform/setDeviceSettings...

10CVSS5.9AI score0.02632EPSS
Exploits1References3
NVD
NVDadded 2022/05/10 2:15 p.m.12 views

CVE-2022-29329

D-Link DAP-1330OSS-firmware1.00b21 was discovered to contain a heap overflow via the devicename parameter in /goform/setDeviceSettings...

10CVSS0.02632EPSS
Exploits1References2
ATTACKERKB
ATTACKERKBadded 2022/05/10 2:15 p.m.2 views

CVE-2022-28910

TOTOLink N600R V5.3c.7159B20190425 was discovered to contain a command injection vulnerability via the devicename parameter in /setting/setDeviceName...

10CVSS5.9AI score0.10259EPSS
Exploits1References2
Prion
Prionadded 2022/05/10 2:15 p.m.15 views

Command injection

TOTOLink N600R V5.3c.7159B20190425 was discovered to contain a command injection vulnerability via the devicename parameter in /setting/setDeviceName...

10CVSS9.7AI score0.10259EPSS
Exploits1References1Affected Software1
Prion
Prionadded 2022/05/10 2:15 p.m.13 views

Design/Logic Flaw

D-Link DAP-1330OSS-firmware1.00b21 was discovered to contain a heap overflow via the devicename parameter in /goform/setDeviceSettings...

10CVSS9.6AI score0.02632EPSS
Exploits1References2Affected Software1
Cvelist
Cvelistadded 2022/05/10 1:17 p.m.23 views

CVE-2022-28910

TOTOLink N600R V5.3c.7159B20190425 was discovered to contain a command injection vulnerability via the devicename parameter in /setting/setDeviceName...

10AI score0.10259EPSS
Exploits1References1
CVE
CVEadded 2022/05/10 1:17 p.m.91 views

CVE-2022-28910

Summary (CVE-2022-28910) : A command injection vulnerability exists in TOTOLink N600R router due to the devicename parameter in the API endpoint /setting/setDeviceName . The issue, observed in version V5.3c.7159_B20190425, could allow an unauthenticated or remote attacker to inject and execute ar...

10CVSS9.8AI score0.10259EPSS
Exploits1References1Affected Software1
CVE
CVEadded 2022/05/10 1:16 p.m.63 views

CVE-2022-29329

CVE-2022-29329 affects D-Link DAP-1330 OSS firmware 1.00b21. A heap overflow is triggered by the devicename parameter in /goform/setDeviceSettings. The issue is described across multiple sources (NVD/Red Hat/CVE listings) as a heap-based vulnerability in the device settings endpoint, with network...

10CVSS9.6AI score0.02632EPSS
Exploits1References2Affected Software1
CNNVD
CNNVDadded 2022/05/10 12:0 a.m.1 views

TOTOLINK N600R 操作系统命令注入漏洞

TOTOLINK N600R is a wireless router from Taiwan-based TOTOLINK, which is vulnerable to a command injection attack via the devicename parameter in /etting/setDeviceName...

10CVSS8.5AI score0.10259EPSS
Exploits1References2
CNVD
CNVDadded 2022/03/17 12:0 a.m.14 views

Multiple TotoLink Product Command Injection Vulnerabilities (CNVD-2022-47975)

Totolink A830R/A3100R/A950RG/A800R/A3000RU/A810R and other products are one of the routers from Totolink China. A command injection vulnerability exists in several TotoLink products. The vulnerability stems from the failure of the deviceName parameter and deviceMac parameter in the...

9.8CVSS4.4AI score0.17336EPSS
Exploits1References1
OSV
OSVadded 2022/03/15 10:15 p.m.2 views

CVE-2022-26212

Totolink A830R V5.9c.4729B20191112, A3100R V4.1.2cu.5050B20200504, A950RG V4.1.2cu.5161B20200903, A800R V4.1.2cu.5137B20200730, A3000RU V5.9c.5185B20201128, and A810R V4.1.2cu.5182B20201026 were discovered to contain a command injection vulnerability in the function setDeviceName, via the deviceM...

9.8CVSS7.5AI score
Exploits0References1
NVD
NVDadded 2022/03/15 10:15 p.m.14 views

CVE-2022-26211

Totolink A830R V5.9c.4729B20191112, A3100R V4.1.2cu.5050B20200504, A950RG V4.1.2cu.5161B20200903, A800R V4.1.2cu.5137B20200730, A3000RU V5.9c.5185B20201128, and A810R V4.1.2cu.5182B20201026 were discovered to contain a command injection vulnerability in the function CloudACMunualUpdate, via the...

9.8CVSS0.17336EPSS
Exploits1References1
Prion
Prionadded 2022/03/15 10:15 p.m.16 views

Command injection

Totolink A830R V5.9c.4729B20191112, A3100R V4.1.2cu.5050B20200504, A950RG V4.1.2cu.5161B20200903, A800R V4.1.2cu.5137B20200730, A3000RU V5.9c.5185B20201128, and A810R V4.1.2cu.5182B20201026 were discovered to contain a command injection vulnerability in the function setDeviceName, via the deviceM...

7.5CVSS9.9AI score0.17336EPSS
Exploits1References1Affected Software6
Prion
Prionadded 2022/03/15 10:15 p.m.13 views

Command injection

Totolink A830R V5.9c.4729B20191112, A3100R V4.1.2cu.5050B20200504, A950RG V4.1.2cu.5161B20200903, A800R V4.1.2cu.5137B20200730, A3000RU V5.9c.5185B20201128, and A810R V4.1.2cu.5182B20201026 were discovered to contain a command injection vulnerability in the function CloudACMunualUpdate, via the...

7.5CVSS9.9AI score0.17336EPSS
Exploits1References1Affected Software6
Cvelist
Cvelistadded 2022/03/15 9:56 p.m.16 views

CVE-2022-26211

Totolink A830R V5.9c.4729B20191112, A3100R V4.1.2cu.5050B20200504, A950RG V4.1.2cu.5161B20200903, A800R V4.1.2cu.5137B20200730, A3000RU V5.9c.5185B20201128, and A810R V4.1.2cu.5182B20201026 were discovered to contain a command injection vulnerability in the function CloudACMunualUpdate, via the...

10AI score0.17336EPSS
Exploits1References1
Cvelist
Cvelistadded 2022/03/15 9:56 p.m.15 views

CVE-2022-26212

Totolink A830R V5.9c.4729B20191112, A3100R V4.1.2cu.5050B20200504, A950RG V4.1.2cu.5161B20200903, A800R V4.1.2cu.5137B20200730, A3000RU V5.9c.5185B20201128, and A810R V4.1.2cu.5182B20201026 were discovered to contain a command injection vulnerability in the function setDeviceName, via the deviceM...

10AI score0.17336EPSS
Exploits1References1
Positive Technologies
Positive Technologiesadded 2022/03/15 12:0 a.m.3 views

PT-2022-17725 · Totolink · Totolink A3100R +5

Name of the Vulnerable Software and Affected Versions: Totolink A830R version 5.9c.4729 B20191112 Totolink A3100R version 4.1.2cu.5050 B20200504 Totolink A950RG version 4.1.2cu.5161 B20200903 Totolink A800R version 4.1.2cu.5137 B20200730 Totolink A3000RU version 5.9c.5185 B20201128 Totolink A810R...

9.8CVSS9.8AI score0.17336EPSS
Exploits1References3
NVD
NVDadded 2022/03/10 5:47 p.m.15 views

CVE-2022-25550

Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow in the function saveParentControlInfo. This vulnerability allows attackers to cause a Denial of Service DoS via the deviceName parameter...

7.8CVSS0.00346EPSS
Exploits1References1
OSV
OSVadded 2022/03/10 5:47 p.m.2 views

CVE-2022-25550

Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow in the function saveParentControlInfo. This vulnerability allows attackers to cause a Denial of Service DoS via the deviceName parameter...

7.5CVSS5.9AI score
Exploits0References1
Rows per page
Query Builder