Lucene search
K

7 matches found

RedhatCVE
RedhatCVE
added 2026/02/24 1:44 a.m.7 views

CVE-2025-70327

TOTOLINK X5000R v9.1.0cu2415B20250515 contains an argument injection vulnerability in the setDiagnosisCfg handler of the /usr/sbin/lighttpd executable. The ip parameter is retrieved via websGetVar and passed to a ping command through CsteSystem without validating if the input starts with a hyphen...

9.8CVSS5.7AI score0.00693EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/01/19 10:2 a.m.36 views

CVE-2026-1149 Totolink LR350 POST Request cstecgi.cgi setDiagnosisCfg command injection

A vulnerability was identified in Totolink LR350 9.3.5u.6369B20220309. This issue affects the function setDiagnosisCfg of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. The manipulation of the argument ip leads to command injection. The attack can be initiated remotely. The...

6.5CVSS0.02714EPSS
Exploits1References5
CNVD
CNVD
added 2024/01/30 12:0 a.m.11 views

TOTOLINK N200RE command parameter buffer overflow vulnerability

The TOTOLINK N200RE is a wireless router for the SOHO market. The TOTOLINK N200RE suffers from a buffer overflow vulnerability that originates from a stack-based buffer overflow in the command parameter of the setDiagnosisCfg function of /cgi-bin/cstecgi.cgi. No detailed vulnerability details are...

8.8CVSS7.5AI score0.0125EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2022/11/23 12:0 a.m.7 views

PT-2022-27152 · Totolink · Totolink Lr350

Name of the Vulnerable Software and Affected Versions: TOTOLINK LR350 version 9.3.5u.6369 B20220309 Description: The issue is a post-authentication buffer overflow that occurs via the ip parameter in the setDiagnosisCfg function. This allows for potential exploitation after authentication has bee...

8.8CVSS7.6AI score0.0211EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2022/08/25 12:0 a.m.5 views

PT-2022-23789 · Totolink · Totolink A7000R

Name of the Vulnerable Software and Affected Versions: TOTOLink A7000R version 9.1.0u.6115 B20201022 Description: A stack overflow issue was discovered via the ip parameter in the setDiagnosisCfg function. Recommendations: For TOTOLink A7000R version 9.1.0u.6115 B20201022, consider restricting...

7.8CVSS7.5AI score0.00327EPSS
Exploits1References3
CNNVD
CNNVD
added 2022/08/25 12:0 a.m.6 views

TOTOLINK N350RT 缓冲区错误漏洞

The TOTOLINK N350RT is a small home router from China's Gion Electronics TOTOLINK. A security vulnerability exists in the TOTOLINK N350RT version V9.3.5u.6139B20201216, which stems from a stack overflow issue in the setDiagnosisCfg method...

7.8CVSS5.5AI score0.00331EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2022/08/25 12:0 a.m.6 views

PT-2022-23403 · Totolink · Totolink N350Rt

Name of the Vulnerable Software and Affected Versions: TOTOLINK N350RT version 9.3.5u.6139 B20201216 Description: A command injection issue was found via the ip parameter in the setDiagnosisCfg function, allowing potential exploitation. Recommendations: For TOTOLINK N350RT version 9.3.5u.6139...

7.8CVSS7.7AI score0.01308EPSS
Exploits1References2
Rows per page
Query Builder