CVE-2025-8937

A vulnerability has been found in TOTOLINK N350R 1.2.3-B20130826. This vulnerability affects unknown code of the file /boafrm/formSysCmd. The manipulation leads to command injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used...

CVE-2025-8937

A vulnerability has been found in TOTOLINK N350R 1.2.3-B20130826. This vulnerability affects unknown code of the file /boafrm/formSysCmd. The manipulation leads to command injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used...

CVE-2025-8937 TOTOLINK N350R formSysCmd command injection

A vulnerability has been found in TOTOLINK N350R 1.2.3-B20130826. This vulnerability affects unknown code of the file /boafrm/formSysCmd. The manipulation leads to command injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used...

CVE-2025-8937

CVE-2025-8937 affects TOTOLINK N350R, specifically the component/file at /boafrm/formSysCmd. The documented issue is a command injection vulnerability in unknown code, exploitable remotely, with exploit publicly disclosed. The primary affected device is TOTOLINK N350R version 1.2.3-B20130826. Sev...

CVE-2025-8937 TOTOLINK N350R formSysCmd command injection

A vulnerability has been found in TOTOLINK N350R 1.2.3-B20130826. This vulnerability affects unknown code of the file /boafrm/formSysCmd. The manipulation leads to command injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used...

TOTOLINK N350R 注入漏洞

The TOTOLINK N350R is a WiFi router from China's Gion Electronics TOTOLINK. The TOTOLINK N350R suffers from an injection vulnerability that originates from a misbehavior in the file /boafrm/formSysCmd, which can be exploited by an attacker to cause an application to crash or behave abnormally by...

PT-2025-33121

Name of the Vulnerable Software and Affected Versions: TOTOLINK N350R version 1.2.3-B20130826 Description: A vulnerability exists in TOTOLINK N350R that allows for remote command injection. The issue affects unknown code within the /boafrm/formSysCmd file. Manipulation of this file can lead to th...

CVE-2025-34029

An OS command injection vulnerability exists in the Edimax EW-7438RPn Mini firmware version 1.13 and prior via the syscmd.asp form handler. The /goform/formSysCmd endpoint exposes a system command interface through the sysCmd parameter. A remote authenticated attacker can submit arbitrary shell...

CVE-2025-6144

A vulnerability has been found in TOTOLINK EX1200T 4.1.2cu.5232B20210713 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /boafrm/formSysCmd of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer...

CVE-2023-23295

Korenix Jetwave 4200 Series 1.3.0 and JetWave 3000 Series 1.6.0 are vulnerable to Command Injection via /goform/formSysCmd. An attacker an modify the sysCmd parameter in order to execute commands as root...

CVE-2015-9551

An issue was discovered on TOTOLINK A850R-V1 through 1.0.1-B20150707.1612 and F1-V2 through 1.1-B20150708.1646 devices. There is Remote Code Execution in the management interface via the formSysCmd sysCmd parameter...

D-Link DIR-619L formSysCmd Function Command Injection Vulnerability

The D-Link DIR-619L is a wireless router from China's AUO D-Link. The D-Link DIR-619L suffers from a command injection vulnerability that stems from the formSysCmd function sysCmd parameter failing to properly filter construct command special characters, commands, etc. No details of the...

CVE-2025-4453

A vulnerability was found in D-Link DIR-619L 2.04B04. It has been classified as critical. This affects the function formSysCmd. The manipulation of the argument sysCmd leads to command injection. It is possible to initiate the attack remotely. The vendor was contacted early about this disclosure...

CVE-2025-4453 D-Link DIR-619L formSysCmd command injection

A vulnerability was found in D-Link DIR-619L 2.04B04. It has been classified as critical. This affects the function formSysCmd. The manipulation of the argument sysCmd leads to command injection. It is possible to initiate the attack remotely. The vendor was contacted early about this disclosure...

CVE-2025-4453

CVE-2025-4453 affects D-Link DIR-619L firmware 2.04B04, where the vulnerable component is the function formSysCmd . The issue arises from improper handling of the sysCmd argument, enabling a remote command injection . The vulnerability is associated with devices that are no longer maintained, and...

D-Link DIR-619L 注入漏洞

The D-Link DIR-619L is a wireless router from China's AUO D-Link. The D-Link DIR-619L suffers from a command injection vulnerability that stems from the formSysCmd function sysCmd parameter failing to properly filter construct command special characters, commands, etc. No details of the...

D-Link DIR-600L 注入漏洞

The D-Link DIR-600L is an entry-level wireless router from China-based AUO D-Link that supports 150Mbps wireless transmission and four 100Gbps wired ports. The D-Link DIR-600L suffers from a command injection vulnerability that stems from the formSysCmd function parameter host failing to properly...

TOTOLINK多款产品 安全漏洞

TOTOLINK A3002RU and others are products of China's Gion Electronics TOTOLINK.TOTOLINK A3002RU is a wireless router product.TOTOLINK N300RT is a wireless router that complies with the 802.11n standard.TOTOLINK N150RT is a wireless router. A security vulnerability exists in several TOTOLINK...

CVE-2023-49593

Leftover debug code exists in the boa formSysCmd functionality of LevelOne WBR-6013 RER4Av3411b2T2RLEV09170623. A specially crafted network request can lead to arbitrary command execution...

LevelOne WBR-6013 Security Vulnerability

The LevelOne WBR-6013 is a wireless router from LevelOne. A security vulnerability exists in the LevelOne WBR-6013 RER4Av3411b2T2RLEV09170623 version, which stems from the presence of residual debugging code in the boa formSysCmd function, where a specially crafted network request could result in...