CVE-2021-42890

TOTOLINK EX1200T V4.1.2cu.5215 contains a remote command injection vulnerability in function NTPSyncWithHost of the file system.so which can control hostTime to attack...

CVE-2021-42890

CVE-2021-42890 affects TOTOLINK EX1200T V4.1.2cu.5215. The issue is a remote command injection in the NTPSyncWithHost function of the file system.so, enabling an attacker to control hostTime. Several connected sources corroborate a command-injection vulnerability in NTPSyncWithHost; the root caus...

CVE-2022-28907

TOTOLink N600R V5.3c.7159B20190425 was discovered to contain a command injection vulnerability via the hosttime function in /setting/NTPSyncWithHost...

CVE-2022-28907

TOTOLink N600R V5.3c.7159B20190425 was discovered to contain a command injection vulnerability via the hosttime function in /setting/NTPSyncWithHost...

CVE-2022-28907

TOTOLink N600R V5.3c.7159B20190425 was discovered to contain a command injection vulnerability via the hosttime function in /setting/NTPSyncWithHost...

Command injection

TOTOLink N600R V5.3c.7159B20190425 was discovered to contain a command injection vulnerability via the hosttime function in /setting/NTPSyncWithHost...

CVE-2022-28907

TOTOLink N600R V5.3c.7159B20190425 was discovered to contain a command injection vulnerability via the hosttime function in /setting/NTPSyncWithHost...

PT-2022-19302 · Totolink · Totolink N600R

Name of the Vulnerable Software and Affected Versions: TOTOLink N600R version 5.3c.7159 B20190425 Description: A command injection issue was discovered via the hosttime function in the "/setting/NTPSyncWithHost" API endpoint. This allows for potential command injection attacks. Recommendations: F...

TotoLink A3100R 命令注入漏洞

Totolink A3100R is a series of wireless routers from Totolink China.A command injection vulnerability exists in Totolink A3100R V4.1.2cu.5050B20200504 and prior versions, which stems from a lack of filtering and escaping of command data in the hostTime parameter in adm/ntm.asp. escaping. An...