TOTOLINK EX1800T setWiFiExtenderConfig Interface Command Execution Vulnerability

The TOTOLINK EX1800T is a Wi-Fi range extender from China's Gion Electronics TOTOLINK. A command execution vulnerability exists in the TOTOLINK EX1800T setWiFiExtenderConfig interface, which originates from the failure of the key5g parameter of the cstecgi .cgi's setWiFiExtenderConfig interface t...

TOTOLINK EX1800T setRptWizardCfg Interface Command Execution Vulnerability

The TOTOLINK EX1800T is a Wi-Fi range extender from China's Gion Electronics TOTOLINK. A command execution vulnerability exists in the TOTOLINK EX1800T setRptWizardCfg interface, which originates from the merge parameter of the cstecgi .cgi's setRptWizardCfg interface that fails to correctly filt...

TOTOLINK EX1800T setNtpCfg Interface Command Execution Vulnerability

The TOTOLINK EX1800T is a Wi-Fi range extender from China's Gion Electronics TOTOLINK. A command execution vulnerability exists in the TOTOLINK EX1800T setNtpCfg interface. The vulnerability stems from the failure of the tz parameter of the setNtpCfg interface of cstecgi .cgi to properly filter...

TOTOLINK EX1800T lanIp Parameter Command Execution Vulnerability

The TOTOLINK EX1800T is a Wi-Fi range extender from China's Gion Electronics TOTOLINK. A command execution vulnerability exists in the TOTOLINK EX1800T lanIp parameter. The vulnerability stems from the failure of the lanIp parameter of the setLanConfig interface of cstecgi .cgi to properly filter...

TOTOLINK EX1800T NTPSyncWithHost Interface Command Execution Vulnerability

The TOTOLINK EX1800T is a Wi-Fi range extender from China's Gion Electronics TOTOLINK. A command execution vulnerability exists in the TOTOLINK EX1800T version v9.1.0cu.2112B20220316. The vulnerability stems from the hosttime parameter of the NTPSyncWithHost interface of cstecgi .cgi failing to...

Command Execution Vulnerability in Green Alliance WAF of Beijing Shenzhou Green Alliance Technology Co., Ltd (CNVD-2024-07088)

Beijing Shenzhou Green Alliance Technology Co., Ltd. is an enterprise mainly engaged in science and technology promotion and application services. Ltd. Green Alliance WAF has a command execution vulnerability that can be exploited by attackers to execute arbitrary commands...

TOTOLINK EX1200L setOpModeCfg Interface Command Execution Vulnerability

TOTOLINK EX1200L is a dual-band wireless signal booster, mainly used to extend Wi-Fi coverage in home or office environments, solving the problem of weak signals or dead spots. The TOTOLINK EX1200L suffers from a command execution vulnerability that stems from the setOpModeCfg interface of...

TOTOLINK EX1200L NTPSyncWithHost Interface Command Execution Vulnerability

TOTOLINK EX1200L is a dual-band wireless signal booster, mainly used to extend Wi-Fi coverage in home or office environments, solving the problem of weak signals or dead spots. The TOTOLINK EX1200L suffers from a command execution vulnerability that stems from the NTPSyncWithHost interface of...

TOTOLINK EX1800T setPasswordCfg Interface Command Execution Vulnerability

The TOTOLINK EX1800T is a Wi-Fi range extender from China's Gion Electronics TOTOLINK. A command execution vulnerability exists in the TOTOLINK EX1800T setPasswordCfg interface, which originates from the failure of the admuser parameter of the cstecgi .cgi's setPasswordCfg interface to correctly...

TOTOLINK EX1800T cstecgi.cgi lanSecDns Parameter Arbitrary Command Execution Vulnerability

TOTOLINK EX1800T is a Wi-Fi range extender from China's TOTOLINK, which supports Wi-Fi 6 technology and enhances signal coverage by connecting wirelessly to a router, making it suitable for home and small office environments. The TOTOLINK EX1800T suffers from a command execution vulnerability tha...

CVE-2023-50651

TOTOLINK X6000R v9.4.0cu.852B20230719 was discovered to contain a remote command execution RCE vulnerability via the component /cgi-bin/cstecgi.cgi...

SUSE-SU-2023:4978-1 Security update for webkit2gtk3

This update for webkit2gtk3 fixes the following issues: - CVE-2023-42890: Fixed processing malicious web content may lead to arbitrary code execution bsc1218033. - CVE-2023-42883: Fixed processing a malicious image may lead to a denial-of-service bsc1218032. - CVE-2023-41074: Fixed use-after-free...

TOTOLINK EX1800T 安全漏洞

TOTOLINK EX1800T is a Wi-Fi range extender from China's TOTOLINK, which supports Wi-Fi 6 technology and enhances signal coverage by connecting wirelessly to a router, making it suitable for home and small office environments. A command execution vulnerability exists in the TOTOLINK EX1800T, which...

IBM Informix JDBC Remote Code Execution Vulnerability

IBM Informix JDBC Driver is a driver from International Business Machines IBM. A remote code execution vulnerability exists in IBM Informix JDBC that stems from a failure to properly filter special elements of a constructed code segment when passing unchecked parameters to an API, which could be...

Tenda i29 sysScheduleRebootSet Method Command Execution Vulnerability

The Tenda i29 is a wireless router from the Chinese company Tenda. The Tenda i29 suffers from a command execution vulnerability that stems from the sysScheduleRebootSet method failing to properly filter construct command special characters, commands, etc. The vulnerability can be exploited to cau...

TOTOLINK EX1800T 安全漏洞

The TOTOLINK EX1800T is a Wi-Fi range extender from China's Gion Electronics TOTOLINK. A command execution vulnerability exists in the TOTOLINK EX1800T setWiFiApConfig interface, which originates from the failure of the opmode parameter of the cstecgi .cgi's setWiFiApConfig interface to correctly...

PT-2023-31498 · Trimble · Trimble Sketchup Viewer

Name of the Vulnerable Software and Affected Versions: Trimble SketchUp Viewer affected versions not specified Description: This issue allows remote attackers to execute arbitrary code on affected installations. User interaction is required, where the target must visit a malicious page or open a...

NETGEAR WNR2000 Command Execution Vulnerability

The NETGEAR WNR2000 is a wireless router from NETGEAR. A command execution vulnerability exists in NETGEAR WNR2000 v4 version 1.0.0.70, which stems from an application failing to properly filter constructed command special characters, commands, and more. An attacker could exploit this vulnerabili...

Dell PowerProtect Data Domain Command Execution Vulnerability

Dell PowerProtect Data Domain Dell PowerProtect DD is a suite of hardware appliances for data protection, backup, storage, and deduplication from Dell, USA. A command execution vulnerability exists in Dell PowerProtect Data Domain that stems from a failure to properly filter construct command...

Pluck Arbitrary File Upload Vulnerability (CNVD-2023-9917907)

Pluck is a content management system CMS developed using the PHP language. An arbitrary file upload vulnerability exists in Pluck version v4.7.18, which stems from the lack of valid validation of uploaded files in component /inc/modulesinstall.php. An attacker can exploit this vulnerability to...