6 matches found
EUVD-2024-51951
Malicious code in bioql PyPI...
CVE-2024-53335
TOTOLINK A810R V4.1.2cu.5182B20201026 is vulnerable to Buffer Overflow in downloadFlile.cgi...
TOTOLINK A810R downloadFlile.cgi Buffer Overflow Vulnerability
The TOTOLINK A810R is a wireless dual-band router from China's Gion Electronics TOTOLINK. The TOTOLINK A810R suffers from a buffer overflow vulnerability that originates from downloadFlile.cgi failing to properly validate the length and size of input data, which can be exploited by an attacker to...
PT-2024-35726 · Totolink · Totolink A810R
Name of the Vulnerable Software and Affected Versions: TOTOLINK A810R version 4.1.2cu.5182 B20201026
Description: The issue is related to a Buffer Overflow in the downloadFlile.cgi endpoint. This can potentially allow for unauthorized access or execution of malicious code.
Recommendations: For...
CVE-2024-53335
Affected product: TOTOLINK A810R (firmware 4.1.2cu.5182_B20201026).
Vulnerability: Buffer overflow in the downloadFlile.cgi endpoint.
Root cause / details: The vulnerability arises from improper validation of input length/size in downloadFlile.cgi, leading to potential memory corruption.
Impact (...
Command injection
The downloadFlile.cgi binary file in TOTOLINK EX200 V4.0.3c.7646B20201211 has a command injection vulnerability when receiving GET parameters. The parameter name can be constructed for unauthenticated command execution...