Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

9 matches found

RedhatCVE
RedhatCVEadded 2026/01/09 12:39 p.m.8 views

CVE-2023-29803

TOTOLINK X18 V9.1.0cu.2024B20220329 was discovered to contain a command injection vulnerability via the pid parameter in the disconnectVPN function...

9.8CVSS8AI score0.14899EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2025/02/14 7:46 a.m.6 views

CVE-2024-34921

TOTOLINK X5000R v9.1.0cu.2350B20230313 was discovered to contain a command injection via the disconnectVPN function...

8.8CVSS7.8AI score0.12134EPSS
Exploits1References1
OSV
OSVadded 2024/05/14 3:39 p.m.0 views

CVE-2024-34921

TOTOLINK X5000R v9.1.0cu.2350B20230313 was discovered to contain a command injection via the disconnectVPN function...

8.8CVSS5.8AI score0.12134EPSS
Exploits1References1
CVE
CVEadded 2024/05/13 7:23 p.m.48 views

CVE-2024-34921

The CVE-2024-34921 entry applies to TOTOLINK X5000R firmware version 9.1.0cu.2350_B20230313, where a command injection is possible via the disconnectVPN function. Connected sources attribute the root cause to inadequate input sanitization (notably in the pid parameter of /cgi-bin/cstecgi.cgi), en...

8.8CVSS7.9AI score0.12134EPSS
Exploits1References1Affected Software1
BDU FSTEC
BDU FSTECadded 2023/12/20 12:0 a.m.0 views

The vulnerability of the DisconnectVPN function in the microprogramming software for TOTOLINK X18 allows a hacker to execute arbitrary commands.

The vulnerability of the DisconnectVPN function in the TOTOLINK X18 router microprogramming system is related to insufficient checking of arguments passed in commands. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands remotely using the pid parameter...

10CVSS0.14899EPSS
Exploits1References4Affected Software1
Prion
Prionadded 2023/04/14 2:15 p.m.19 views

Command injection

TOTOLINK X18 V9.1.0cu.2024B20220329 was discovered to contain a command injection vulnerability via the pid parameter in the disconnectVPN function...

7.5CVSS9.8AI score0.14899EPSS
Exploits1References1Affected Software1
Cvelist
Cvelistadded 2023/04/14 12:0 a.m.12 views

CVE-2023-29803

TOTOLINK X18 V9.1.0cu.2024B20220329 was discovered to contain a command injection vulnerability via the pid parameter in the disconnectVPN function...

10AI score0.14899EPSS
Exploits1References1
CNNVD
CNNVDadded 2023/04/14 12:0 a.m.2 views

TOTOLINK X18 命令注入漏洞

The TOTOLINK X18 is a mesh router system from China's Gion Electronics TOTOLINK. A security vulnerability exists in the TOTOLINK X18 version V9.1.0cu.2024B20220329, which stems from a command injection vulnerability via the pid parameter in the disconnectVPN function...

9.8CVSS8.4AI score0.14899EPSS
Exploits1References2
Positive Technologies
Positive Technologiesadded 2023/04/14 12:0 a.m.3 views

PT-2023-7825 · Totolink · Totolink X18

Name of the Vulnerable Software and Affected Versions: TOTOLINK X18 version 9.1.0cu.2024 B20220329 Description: The issue is related to a command injection vulnerability in the disconnectVPN function, specifically via the pid parameter. This vulnerability is due to insufficient argument checking,...

9.8CVSS9.5AI score0.14899EPSS
Exploits1References6
Rows per page
Query Builder