Lucene search
K

8 matches found

CNNVD
CNNVD
added 2026/01/19 12:0 a.m.8 views

TOTOLINK LR350 Command Injection Vulnerability

TOTOLINK LR350 is a wireless router produced by TOTOLINK Corporation. The TOTOLINK LR350 9.3.5u.6369B20220309 version contains a command injection vulnerability. This vulnerability arises from incorrect handling of the parameter “command” in the file /cgi-bin/cstecgi.cgi, which may lead to comman...

8.8CVSS6.6AI score0.0235EPSS
Exploits1References5
NVD
NVD
added 2025/10/31 4:15 p.m.6 views

CVE-2025-63468

Totolink LR350 v9.3.5u.6369B20220309 was discovered to contain a stack overflow via the httphost parameter in the sub426EF8 function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted request...

7.5CVSS0.00376EPSS
Exploits1References1
NVD
NVD
added 2025/10/31 4:15 p.m.5 views

CVE-2025-63467

Totolink LR350 v9.3.5u.6369B20220309 was discovered to contain a stack overflow via the ssid parameter in the sub425400 function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted request...

7.5CVSS0.00376EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2024/01/29 12:0 a.m.5 views

PT-2024-1319 · Totolink · Totolink N200Re

Name of the Vulnerable Software and Affected Versions: Totolink N200RE versions 9.3.5u.6139 B20201216 Description: The issue is related to a buffer overflow in the loginAuth function of the cstecgi.cgi script in the Totolink N200RE router's firmware. This can be exploited by a remote attacker to...

9CVSS7.3AI score0.01276EPSS
Exploits1References8
Positive Technologies
Positive Technologies
added 2024/01/26 12:0 a.m.6 views

PT-2024-1394 · Totolink · Totolink N350Rt

Name of the Vulnerable Software and Affected Versions: Totolink N350RT version 9.3.5u.6255 Description: The issue is related to the /cgi-bin/cstecgi.cgi file in the Totolink N350RT router's firmware, which is associated with incorrect session expiration. This can be exploited by a remote attacker...

5.3CVSS4.5AI score0.00591EPSS
Exploits0References11
ATTACKERKB
ATTACKERKB
added 2023/12/22 7:15 p.m.3 views

CVE-2023-51034

TOTOlink EX1200L V9.3.5u.6146B20201023 is vulnerable to arbitrary command execution via the cstecgi.cgi UploadFirmwareFile interface...

9.8CVSS6.1AI score0.01106EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2023/12/22 12:0 a.m.6 views

PT-2023-31745 · Totolink · Totolink Ex1200T

Name of the Vulnerable Software and Affected Versions: TOTOlink EX1200L version 9.3.5u.6146 B20201023 Description: The issue allows for arbitrary command execution via the "cstecgi.cgi" interface, specifically through the setOpModeCfg function. This could potentially be exploited through the...

9.8CVSS9.5AI score0.01049EPSS
Exploits1References3
CNNVD
CNNVD
added 2022/08/25 12:0 a.m.4 views

TOTOLINK N350RT 操作系统命令注入漏洞

The TOTOLINK N350RT is a small home router from China's Gion Electronics TOTOLINK. An operating system command injection vulnerability exists in the TOTOLINK N350RT version V9.3.5u.6139B20201216, which stems from a command injection issue in the hosttime parameter of the NTPSyncWithHost method...

7.8CVSS5.7AI score0.01099EPSS
Exploits1References2
Rows per page
Query Builder