108 matches found
PT-2022-24109 · Totolink · Totolink A860R
Name of the Vulnerable Software and Affected Versions: TOTOLINK A860R version 4.1.2cu.5182 B20201027 Description: The issue is related to a buffer overflow vulnerability in the main function of the downloadfile.cgi. Recommendations: For TOTOLINK A860R version 4.1.2cu.5182 B20201027, consider...
CVE-2022-38511
TOTOLINK A810R V5.9c.4050B20190424 was discovered to contain a command injection vulnerability via the component downloadFile.cgi...
CVE-2022-38511
TOTOLINK A810R V5.9c.4050B20190424 was discovered to contain a command injection vulnerability via the component downloadFile.cgi...
Command injection
TOTOLINK A810R V5.9c.4050B20190424 was discovered to contain a command injection vulnerability via the component downloadFile.cgi...
CVE-2022-38511
CVE-2022-38511 affects TOTOLINK A810R (V5.9c.4050_B20190424). Multiple connected sources describe a command injection vulnerability in the downloadFile.cgi component. The CVE entry lists a high-severity score (C:H/I:H/A:H) with local access and no user interaction. Public details consistently ind...
CVE-2022-38511
TOTOLINK A810R V5.9c.4050B20190424 was discovered to contain a command injection vulnerability via the component downloadFile.cgi...
PT-2022-24433 · Totolink · Totolink A810R
Name of the Vulnerable Software and Affected Versions: TOTOLINK A810R version V5.9c.4050 B20190424 Description: A command injection issue was found in the downloadFile.cgi component. This allows for potential exploitation. Recommendations: For TOTOLINK A810R version V5.9c.4050 B20190424, consider...
CVE-2019-17187
/var/WEB-GUI/cgi-bin/downloadfile.cgi on FiberHome HG2201T 1.00.M5007JS201804 devices allows pre-authentication Directory Traversal for reading arbitrary files...