Lucene search
K

42 matches found

CNNVD
CNNVD
added 2024/06/03 12:0 a.m.5 views

TOTOLINK LR350 安全漏洞

TOTOLINK LR350 is a wireless router from China's Gion Electronics TOTOLINK. The TOTOLINK LR350 suffers from a command injection vulnerability that stems from being able to perform command injection via the hosttime parameter in the NTPSyncWithHost function. No details of the vulnerability are...

9.8CVSS7.6AI score0.01386EPSS
Exploits0References2
OSV
OSV
added 2024/02/17 6:15 a.m.5 views

CVE-2024-25468

An issue in TOTOLINK X5000R V.9.1.0u.6369B20230113 allows a remote attacker to cause a denial of service via the hosttime parameter of the NTPSyncWithHost component...

7.5CVSS5.8AI score0.00927EPSS
Exploits1References1
Cvelist
Cvelist
added 2024/02/17 12:0 a.m.22 views

CVE-2024-25468

An issue in TOTOLINK X5000R V.9.1.0u.6369B20230113 allows a remote attacker to cause a denial of service via the hosttime parameter of the NTPSyncWithHost component...

6.8AI score0.00927EPSS
Exploits1References1
OSV
OSV
added 2023/12/22 6:15 p.m.5 views

CVE-2023-51023

TOTOlink EX1800T v9.1.0cu.2112B20220316 is vulnerable to arbitrary command execution in the ‘hosttime’ parameter of the NTPSyncWithHost interface of the cstecgi .cgi...

9.8CVSS6AI score0.0097EPSS
Exploits1References1
Prion
Prion
added 2023/02/03 4:15 p.m.18 views

Command injection

TOTOLINK CA300-PoE V6.2c.884 was discovered to contain a command injection vulnerability via the hosttime parameter in the NTPSyncWithHost function...

7.5CVSS9.8AI score0.0192EPSS
Exploits1References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/02/03 12:0 a.m.6 views

CVE-2023-24138

TOTOLINK CA300-PoE V6.2c.884 was discovered to contain a command injection vulnerability via the hosttime parameter in the NTPSyncWithHost function...

8.2AI score0.0192EPSS
Exploits1References1
NVD
NVD
added 2022/08/25 3:15 p.m.19 views

CVE-2022-37082

TOTOLINK A7000R V9.1.0u.6115B20201022 was discovered to contain a command injection vulnerability via the hosttime parameter at the function NTPSyncWithHost...

7.8CVSS0.01086EPSS
Exploits1References1
Prion
Prion
added 2022/08/25 3:15 p.m.15 views

Command injection

TOTOLINK A7000R V9.1.0u.6115B20201022 was discovered to contain a command injection vulnerability via the hosttime parameter at the function NTPSyncWithHost...

4.3CVSS7.9AI score0.01086EPSS
Exploits1References1Affected Software1
NVD
NVD
added 2022/08/25 2:15 p.m.27 views

CVE-2022-36479

TOTOLINK N350RT V9.3.5u.6139B20201216 was discovered to contain a command injection vulnerability via the hosttime parameter in the function NTPSyncWithHost...

7.8CVSS0.01099EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2022/08/25 2:15 p.m.4 views

CVE-2022-36479

TOTOLINK N350RT V9.3.5u.6139B20201216 was discovered to contain a command injection vulnerability via the hosttime parameter in the function NTPSyncWithHost...

7.8CVSS7.6AI score0.01099EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2022/08/25 2:15 p.m.5 views

CVE-2022-36459

TOTOLINK A3700R V9.1.2u.6134B20201202 was discovered to contain a command injection vulnerability via the hosttime parameter in the function NTPSyncWithHost...

7.8CVSS7.6AI score0.01086EPSS
Exploits1References2
OSV
OSV
added 2022/08/25 2:15 p.m.4 views

CVE-2022-36459

TOTOLINK A3700R V9.1.2u.6134B20201202 was discovered to contain a command injection vulnerability via the hosttime parameter in the function NTPSyncWithHost...

7.8CVSS5.8AI score0.01086EPSS
Exploits1References1
Prion
Prion
added 2022/08/25 2:15 p.m.16 views

Command injection

TOTOLINK A3700R V9.1.2u.6134B20201202 was discovered to contain a command injection vulnerability via the hosttime parameter in the function NTPSyncWithHost...

4.3CVSS7.9AI score0.01086EPSS
Exploits1References1Affected Software1
Prion
Prion
added 2022/08/25 2:15 p.m.22 views

Command injection

TOTOLINK N350RT V9.3.5u.6139B20201216 was discovered to contain a command injection vulnerability via the hosttime parameter in the function NTPSyncWithHost...

4.3CVSS7.9AI score0.01099EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2022/08/25 2:3 p.m.25 views

CVE-2022-37082

TOTOLINK A7000R V9.1.0u.6115B20201022 was discovered to contain a command injection vulnerability via the hosttime parameter at the function NTPSyncWithHost...

8.1AI score0.01086EPSS
Exploits1References1
Cvelist
Cvelist
added 2022/08/25 1:54 p.m.30 views

CVE-2022-36479

TOTOLINK N350RT V9.3.5u.6139B20201216 was discovered to contain a command injection vulnerability via the hosttime parameter in the function NTPSyncWithHost...

8.1AI score0.01099EPSS
Exploits1References1
CNNVD
CNNVD
added 2022/08/25 12:0 a.m.5 views

TOTOLINK A7000R 操作系统命令注入漏洞

The TOTOLINK A7000R is a wireless router from China's Gion Electronics TOTOLINK. An operating system command injection vulnerability exists in TOTOLINK A7000R version V9.1.0u.6115B20201022, which stems from a command injection issue in the hosttime parameter of the NTPSyncWithHost method...

7.8CVSS5.7AI score0.01086EPSS
Exploits1References2
CNNVD
CNNVD
added 2022/08/25 12:0 a.m.4 views

TOTOLINK N350RT 操作系统命令注入漏洞

The TOTOLINK N350RT is a small home router from China's Gion Electronics TOTOLINK. An operating system command injection vulnerability exists in the TOTOLINK N350RT version V9.3.5u.6139B20201216, which stems from a command injection issue in the hosttime parameter of the NTPSyncWithHost method...

7.8CVSS5.7AI score0.01099EPSS
Exploits1References2
CNVD
CNVD
added 2022/03/17 12:0 a.m.13 views

Multiple TotoLink Product Command Injection Vulnerabilities (CNVD-2022-47974)

Totolink A830R/A3100R/A950RG/A800R/A3000RU/A810R products are one of the routers from Totolink China. A command injection vulnerability exists in several TotoLink products. The vulnerability stems from the failure of the hosttime parameter in the NTPSyncWithHost function to properly filter the...

9.8CVSS4.5AI score0.02806EPSS
Exploits1References1
OSV
OSV
added 2022/03/15 10:15 p.m.4 views

CVE-2022-26214

Totolink A830R V5.9c.4729B20191112, A3100R V4.1.2cu.5050B20200504, A950RG V4.1.2cu.5161B20200903, A800R V4.1.2cu.5137B20200730, A3000RU V5.9c.5185B20201128, and A810R V4.1.2cu.5182B20201026 were discovered to contain a command injection vulnerability in the function NTPSyncWithHost. This...

9.8CVSS7.5AI score0.02806EPSS
Exploits1References1
Rows per page
Query Builder