3851 matches found

CNVD
added 2024/01/03 12:00 a.m., 4 views

TOTOLINK EX1800T setWiFiApConfig Interface Command Execution Vulnerability

The TOTOLINK EX1800T is a Wi-Fi range extender from China's Gion Electronics TOTOLINK. A command execution vulnerability exists in the TOTOLINK EX1800T setWiFiApConfig interface, which originates from the failure of the opmode parameter of the cstecgi.cgi's setWiFiApConfig interface to correctly...

CVSS 9.8, AI score 7.8, EPSS 0.01049
Exploits: 1, References: 1

CNVD
added 2024/01/03 12:00 a.m., 7 views

TOTOLINK EX1800T Command Execution Vulnerability

The TOTOLINK EX1800T is a Wi-Fi range extender from China's Gion Electronics TOTOLINK. A command execution vulnerability exists in the TOTOLINK EX1800T. The vulnerability stems from the failure of the langFlag parameter of the cstecgi.cgi's setLanguageCfg interface to properly filter constructed...

CVSS 9.8, AI score 7.7, EPSS 0.0097
Exploits: 1, References: 1

CNVD
added 2024/01/03 12:00 a.m., 8 views

TOTOLINK EX1800T lanIp Parameter Command Execution Vulnerability

The TOTOLINK EX1800T is a Wi-Fi range extender from China's Gion Electronics TOTOLINK. A command execution vulnerability exists in the TOTOLINK EX1800T lanIp parameter. The vulnerability stems from the failure of the lanIp parameter of the setLanConfig interface of cstecgi.cgi to properly filter...

CVSS 9.8, AI score 7.7, EPSS 0.0097
Exploits: 1, References: 1

CNVD
added 2024/01/03 12:00 a.m., 8 views

TOTOLINK EX1800T NTPSyncWithHost Interface Command Execution Vulnerability

The TOTOLINK EX1800T is a Wi-Fi range extender from China's Gion Electronics TOTOLINK. A command execution vulnerability exists in the TOTOLINK EX1800T version v9.1.0cu.2112B20220316. The vulnerability stems from the hosttime parameter of the NTPSyncWithHost interface of cstecgi.cgi failing to...

CVSS 9.8, AI score 7.1, EPSS 0.0097
Exploits: 1, References: 1

CNVD
added 2024/01/02 12:00 a.m., 5 views

TOTOLINK EX1800T Command Execution Vulnerability (CNVD-2024-31498)

The TOTOLINK EX1800T is a Wi-Fi range extender from China's Gion Electronics TOTOLINK. The TOTOLINK EX1800T suffers from a command execution vulnerability that can be exploited by an attacker to execute arbitrary commands on the system...

CVSS 9.8, AI score 7.8, EPSS 0.01049
Exploits: 1, References: 1

Openbugbounty
added 2023/12/30 11:36 a.m., 11 views

vintage-electronics.com Cross Site Scripting vulnerability OBB-3826666

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

AI score 6.2
Exploits: 0

CNVD
added 2023/12/27 12:00 a.m., 5 views

TOTOLINK A7100RU buffer overflow vulnerability (CNVD-2023-101089)

The TOTOLINK A7100RU is a wireless router from China's Gion Electronics TOTOLINK. A buffer overflow vulnerability exists in TOTOLINK A7100RU version V7.4cu.2313B20191024, which originates from the parameter flag in file /cgi-bin/cstecgi.cgi?action=login that fails to correctly validate the length...

CVSS 10, AI score 8.3, EPSS 0.137
Exploits: 1, References: 1

Positive Technologies
added 2023/12/22 12:00 a.m., 4 views

PT-2023-8818 · Delta Electronics · Cncsoft-B

Name of the Vulnerable Software and Affected Versions: Delta Electronics CNCSoft-B versions 1.0.0.4 and prior Description: The issue is caused by a stack-based buffer overflow in the CNCSoft-B software, which may allow an attacker to execute arbitrary code. This can be exploited by remote...

CVSS 7.8, AI score 8, EPSS 0.00739
Exploits: 0, References: 7

Zero Day Initiative
added 2023/12/15 12:00 a.m., 35 views

Delta Electronics DOPSoft DPA File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Electronics DOPSoft. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

CVSS 7.8, AI score 6.9, EPSS 0.00365
Exploits: 0, References: 1

BDU FSTEC
added 2023/12/15 12:00 a.m., 5 views

The vulnerability of the Delta Electronics InfraSuite Device Master software for real-time device monitoring lies in its ability to restore unreliable data in memory, allowing an attacker to execute commands with local administrator privileges.

The vulnerability of the Delta Electronics InfraSuite Device Master software for real-time device monitoring lies in the recovery of unreliable data in memory. Exploiting this vulnerability allows a remote attacker to execute code with local administrator privileges...

CVSS 10, AI score 8, EPSS 0.16573
Exploits: 0, References: 6, Affected Software: 1

ICS
added 2023/12/14 7:00 a.m., 28 views

Johnson Controls Kantech Gen1 ioSmart

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable from adjacent network Vendor: Sensormatic Electronics, LLC, an affiliate of Johnson Controls Inc. Equipment: Kantech Gen1 ioSmart card reader Vulnerability: Missing Release of Memory after Effective Lifetime 2. RISK EVALUATION...

CVSS 7.5, AI score 6.3, EPSS 0.003
Exploits: 0, References: 8

BDU FSTEC
added 2023/12/14 12:00 a.m., 6 views

The vulnerability of the Delta Electronics InfraSuite Device Master software in monitoring devices in real time arises from an incorrect limitation on the path name to the restricted access catalog. This allows a perpetrator to write to any file anywhere within the file system.

The vulnerability of the Delta Electronics InfraSuite Device Master software for real-time device monitoring exists due to an incorrect restriction on the path name to the restricted catalog. Exploiting this vulnerability allows a malicious actor to write to any file anywhere within the file syst...

CVSS 9, AI score 7.6, EPSS 0.0153
Exploits: 0, References: 5, Affected Software: 1

CNNVD
added 2023/12/12 12:00 a.m., 6 views

JTEKT ELECTRONICS HMI GC-A2 series Security Breach

JTEKT ELECTRONICS HMI GC-A2 series is a series of HMIs from JTEKT. A security vulnerability exists in the JTEKT ELECTRONICS HMI GC-A2 series due to a Denial of Service (DoS) vulnerability in the rfe service. Affected Products and Versions: GC-A22W-CW All Versions, GC-A24W-CW All Versions, GC-A26W-C...

CVSS 7.5, AI score 6.7, EPSS 0.00981
Exploits: 0, References: 3

CNNVD
added 2023/12/12 12:00 a.m., 4 views

JTEKT ELECTRONICS HMI GC-A2 series Security Breach

JTEKT ELECTRONICS HMI GC-A2 series is a series of Human Machine Interfaces (HMIs) from JTEKT. A security vulnerability exists in the JTEKT ELECTRONICS HMI GC-A2 series, which originates from a Denial of Service (DoS) vulnerability in the FTP service, where an unauthenticated, remote attacker sending...

CVSS 7.5, AI score 6.8, EPSS 0.00981
Exploits: 0, References: 3

CNNVD
added 2023/12/12 12:00 a.m., 6 views

JTEKT ELECTRONICS HMI GC-A2 series Security Breach

JTEKT ELECTRONICS HMI GC-A2 series is a series of HMIs from JTEKT. The JTEKT ELECTRONICS HMI GC-A2 series suffers from a security vulnerability that originates from a Denial of Service (DoS) in the NetBIOS service, which can be exploited by an attacker to send specially crafted packets to a specifi...

CVSS 7.5, AI score 6.7, EPSS 0.00981
Exploits: 0, References: 3

Japan Vulnerability Notes
added 2023/12/11 12:00 a.m., 61 views

JVN#34145838: Multiple denial-of-service (DoS) vulnerabilities in JTEKT ELECTRONICS HMI GC-A2 series

HMI GC-A2 series provided by JTEKT ELECTRONICS CORPORATION contains multiple denial-of-service (DoS) vulnerabilities listed below. Denial-of-service (DoS) vulnerability in FTP service CWE-400 - CVE-2023-41963 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H|...

CVSS 7.5, AI score 7.9, EPSS 0.00981
Exploits: 0

BDU FSTEC
added 2023/12/06 12:00 a.m., 5 views

The vulnerability of the Delta Electronics InfraSuite Device Master software in real-time monitoring of devices, related to the use of dangerous methods or functions, allows a perpetrator to execute arbitrary code.

The vulnerability of the Delta Electronics InfraSuite Device Master software for real-time device monitoring is related to the use of dangerous methods or functions. Exploiting this vulnerability allows a remote attacker to execute arbitrary code using a specially crafted UDP packet...

CVSS 10, AI score 8.2, EPSS 0.01175
Exploits: 0, References: 6, Affected Software: 1

BDU FSTEC
added 2023/12/06 12:00 a.m., 9 views

The vulnerability of the Delta Electronics InfraSuite Device Master software for real-time device monitoring lies in improper restrictions on path names in the catalog. This allows attackers to disclose user information, obtain login credentials in plain text, or perform NTLM relay attacks.

The vulnerability of the Delta Electronics InfraSuite Device Master software for real-time device monitoring is related to an incorrect limitation on the path name to the catalog. Exploiting this vulnerability can allow a malicious actor to disclose user information, obtain login credentials in...

CVSS 7.8, AI score 7.2, EPSS 0.01118
Exploits: 0, References: 5, Affected Software: 1

CNVD
added 2023/12/05 12:00 a.m., 4 views

TOTOLINK X6000R IP Parameter Command Execution Vulnerability

TOTOLINK X6000R is a wireless router from China's Gion Electronics TOTOLINK. The TOTOLINK X6000R suffers from a command execution vulnerability that stems from the IP parameter of the setDiagnosisCfg component failing to properly filter constructed command special characters, commands, and so on...

CVSS 9.8, AI score 7.2, EPSS 0.01521
Exploits: 1, References: 1

NVD
added 2023/12/04 11:15 p.m., 33 views

CVE-2023-5944

Delta Electronics DOPSoft is vulnerable to a stack-based buffer overflow, which may allow for arbitrary code execution if an attacker can lead a legitimate user to execute a specially crafted file...

CVSS 7.8, EPSS 0.00365
Exploits: 0, References: 2