EUVD-2026-25843

A vulnerability was identified in Totolink A8000RU 7.1cu.643b20200521. Affected by this issue is the function setWiFiEasyCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The manipulation of the argument merge leads to os command injection. The attack may be initiated remotely. T...

PT-2026-35419

A vulnerability was identified in Totolink A8000RU 7.1cu.643 b20200521. Affected by this issue is the function setWiFiEasyCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The manipulation of the argument merge leads to os command injection. The attack may be initiated remotely...

CVE-2026-1157

A vulnerability was identified in Totolink LR350 9.3.5u.6369B20220309. This affects the function setWiFiEasyCfg of the file /cgi-bin/cstecgi.cgi. Such manipulation of the argument ssid leads to buffer overflow. It is possible to launch the attack remotely. The exploit is publicly available and...

Socomec DIRIS Digiware M series and Easy Config, PDF XChange Editor vulnerabilities

Cisco Talos' Vulnerability Discovery & Research team recently disclosed an out-of-bounds read vulnerability in PDF XChange Editor, and ten vulnerabilities in Socomec DIRIS Digiware M series and Easy Config products. The vulnerabilities mentioned in this blog post have been patched by their...

Socomec Easy Config System Authentication Bypass Vulnerability

Socomec Easy Config System is a free software tool developed by Socomec for fast, reliable and flexible configuration of its power monitoring and measurement equipment. An authentication bypass vulnerability exists in Socomec Easy Config System, which stems from an authentication bypass in the us...

CVE-2024-45370

An authentication bypass vulnerability exists in the User profile management functionality of Socomec Easy Config System 2.6.1.0. A specially crafted database record can lead to unauthorized access. An attacker can modify a local database to trigger this vulnerability...

CVE-2024-45370

An authentication bypass vulnerability exists in the User profile management functionality of Socomec Easy Config System 2.6.1.0. A specially crafted database record can lead to unauthorized access. An attacker can modify a local database to trigger this vulnerability...

EUVD-2024-55108

An authentication bypass vulnerability exists in the User profile management functionality of Socomec Easy Config System 2.6.1.0. A specially crafted database record can lead to unauthorized access. An attacker can modify a local database to trigger this vulnerability...

CVE-2024-45370

An authentication bypass vulnerability exists in the User profile management functionality of Socomec Easy Config System 2.6.1.0. A specially crafted database record can lead to unauthorized access. An attacker can modify a local database to trigger this vulnerability...

CVE-2024-45370

An authentication bypass vulnerability exists in the User profile management functionality of Socomec Easy Config System 2.6.1.0. A specially crafted database record can lead to unauthorized access. An attacker can modify a local database to trigger this vulnerability...

Socomec Easy Config System 安全漏洞

Socomec Easy Config System is a free software tool developed by Socomec for fast, reliable and flexible configuration of its power monitoring and measurement equipment. An authentication bypass vulnerability exists in Socomec Easy Config System, which stems from an authentication bypass in the us...

PT-2025-48468

Name of the Vulnerable Software and Affected Versions Socomec Easy Config System version 2.6.1.0 Description An authentication bypass exists in the User profile management functionality. A crafted database record can allow unauthorized access. An attacker can modify a local database to trigger th...

Socomec Easy Config System User profile management authentication bypass vulnerability

Talos Vulnerability Report TALOS-2024-2117 Socomec Easy Config System User profile management authentication bypass vulnerability December 1, 2025 CVE Number CVE-2024-45370 SUMMARY An authentication bypass vulnerability exists in the User profile management functionality of Socomec Easy Config...

CVE-2025-45842

TOTOLINK NR1800X V9.1.0u.6681B20230703 was discovered to contain an authenticated stack overflow via the ssid5g parameter in the setWiFiEasyCfg function...

TOTOLINK A3700R 安全漏洞

The TOTOLINK A3700R is a wireless router that provides wireless network connectivity. The TOTOLINK A3700R suffers from an improper access control vulnerability that stems from the setWiFiEasyCfg/setWiFiEasyGuestCfg functions in the /cgi-bin/cstecgi.cgi file failing to properly handle specific...