Lucene search
K

484 matches found

OSV
OSV
added 2024/08/12 6:15 p.m.2 views

CVE-2024-42543

TOTOLINK A3700R v9.1.2u.5822B20200513 has a buffer overflow vulnerability in the httphost parameter in the loginauth function...

9.8CVSS6.1AI score0.00663EPSS
Exploits1References1
CNNVD
CNNVD
added 2024/08/12 12:0 a.m.3 views

TOTOLINK A3700R 安全漏洞

The TOTOLINK A3700R is a wireless router from China's Gion Electronics TOTOLINK. A buffer overflow vulnerability exists in the TOTOLINK A3700R v9.1.2u.5822B20200513, which originates from a failure to correctly validate the length of the input data in the httphost parameter of the loginauth...

9.8CVSS8.1AI score0.00663EPSS
Exploits1References2
BDU FSTEC
BDU FSTEC
added 2024/08/09 12:0 a.m.6 views

The vulnerability of the loginauth (/cgi-bin/cstecgi.cgi) function in the TOTOLINK EX200 router software allows a perpetrator to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the loginauth /cgi-bin/cstecgi.cgi function in the TOTOLINK EX200 router software arises due to buffer overflows in the stack during the processing of the httphost parameter. Exploiting this vulnerability allows an attacker to compromise the confidentiality, integrity, and...

9CVSS7.9AI score0.0127EPSS
Exploits1References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/08/09 12:0 a.m.5 views

The vulnerability of the loginauth (/cgi-bin/cstecgi.cgi) function in the TOTOLINK EX1200L router’s microprogramming system allows a intruder to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the loginauth /cgi-bin/cstecgi.cgi function in the TOTOLINK EX1200L router software arises due to buffer overflows in the stack during the processing of the httphost parameter. Exploiting this vulnerability allows an attacker to compromise the confidentiality, integrity, and...

9CVSS7.9AI score0.01203EPSS
Exploits1References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/08/09 12:0 a.m.5 views

The vulnerability of the getSaveConfig function (/cgi-bin/cstecgi.cgi?action=save&setting) in the TOTOLINK EX200 router software allows a perpetrator to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the getSaveConfig function /cgi-bin/cstecgi.cgi?action=save&setting in the TOTOLINK EX200 router software arises due to a buffer overflow occurring during the processing of the httphost parameter. Exploiting this vulnerability allows an attacker to compromise the...

9CVSS8AI score0.01157EPSS
Exploits1References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/08/07 12:0 a.m.4 views

The vulnerability of the loginauth function in the /cgi-bin/cstecgi.cgi script of the TOTOLINK CP450 router’s microprogramming system, which allows a intruder to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the loginauth function in the /cgi-bin/cstecgi.cgi script of the TOTOLINK CP450 router’s microprogramming system is related to the issue of data being written outside the buffer in memory when processing the httphost parameter. Exploiting this vulnerability allows a malicious...

9CVSS7.8AI score0.01349EPSS
Exploits1References3Affected Software1
OSV
OSV
added 2024/08/05 2:16 a.m.3 views

CVE-2024-7465

A vulnerability, which was classified as critical, was found in TOTOLINK CP450 4.1.0cu.747B20191224. Affected is the function loginauth of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument httphost leads to buffer overflow. It is possible to launch the attack remotely. The exploit h...

9.8CVSS7.5AI score
Exploits0References4
OSV
OSV
added 2024/08/01 3:15 a.m.4 views

CVE-2024-7337

A vulnerability, which was classified as critical, has been found in TOTOLINK EX1200L 9.3.5u.6146B20201023. Affected by this issue is the function loginauth of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument httphost leads to buffer overflow. The attack may be launched remotely. T...

8.8CVSS6AI score0.01203EPSS
Exploits1References4
CNNVD
CNNVD
added 2024/08/01 12:0 a.m.4 views

TOTOLINK EX200 安全漏洞

The TOTOLINK EX200 is a 2.4G wireless N range extender designed to extend the coverage of existing Wi-Fi networks. A buffer overflow vulnerability exists in the TOTOLINK EX200. The vulnerability originates from the file /cgi-bin/cstecgi.cgi?action=save&setting The function getSaveConfig as...

9CVSS7.3AI score0.01157EPSS
Exploits1References5
Cvelist
Cvelist
added 2024/07/28 11:0 a.m.28 views

CVE-2024-7157 TOTOLINK A3100R getSaveConfig buffer overflow

A vulnerability was found in TOTOLINK A3100R 4.1.2cu.5050B20200504. It has been classified as critical. This affects the function getSaveConfig of the file /cgi-bin/cstecgi.cgi?action=save&setting. The manipulation of the argument httphost leads to buffer overflow. It is possible to initiate the...

9CVSS0.07368EPSS
Exploits1References4
CNNVD
CNNVD
added 2024/07/28 12:0 a.m.4 views

TOTOLINK A3600R 安全漏洞

TOTOLINK A3600R is a 6-antenna 1200M wireless router from China Gion Electronics. The TOTOLINK A3600R suffers from a buffer overflow vulnerability, which is located in the loginauth function in the /cgi-bin/cstecgi.cgi file, and stems from improper handling of the password and httphost parameters...

9CVSS7.8AI score0.01091EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2024/07/23 12:0 a.m.11 views

PT-2024-5477 · Totolink · Totolink Ex1200T

Name of the Vulnerable Software and Affected Versions: TOTOLINK EX1200L version 9.3.5u.6146 B20201023 Description: The issue is caused by a buffer overflow on the stack when processing the http host parameter in the loginauth function of the /cgi-bin/cstecgi.cgi file. This can be exploited by a...

9CVSS8.9AI score0.01203EPSS
Exploits1References13
Tenable Nessus
Tenable Nessus
added 2024/06/03 12:0 a.m.30 views

RHEL 5 : cups (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - cups: code execution via unescape ANSI escape sequences CVE-2014-8166 - cups: incorrect string reference...

8.8CVSS8.2AI score0.29913EPSS
Exploits10References14
Github Security Blog
Github Security Blog
added 2024/05/30 8:0 p.m.18 views

ExtJS JavaScript framework used in TYPO3 vulnerable to Cross-site Scripting

Failing to properly validate the HTTP host-header TYPO3 CMS is susceptible to host spoofing. TYPO3 uses the HTTP host-header to generate absolute URLs in several places like 404 handling, https enforcement, password reset links and many more. Since the host header itself is provided by the client...

7.2AI score
Exploits0References8Affected Software1
OSV
OSV
added 2024/05/24 6:15 p.m.3 views

CVE-2024-35387

TOTOLINK LR350 V9.3.5u.6369B20220309 was discovered to contain a stack overflow via the httphost parameter in the function loginAuth...

9.8CVSS5.8AI score0.06071EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/02/22 12:0 a.m.4 views

PT-2024-1835 · Totolink · Totolink Lr1200Gb

Name of the Vulnerable Software and Affected Versions: Totolink LR1200GB versions 9.1.0u.6619 B20230130 through 9.3.5u.6698 B20230810 Description: A critical vulnerability has been found in the Web Interface component of Totolink LR1200GB, specifically in the loginAuth function of the file...

10CVSS9.6AI score0.02029EPSS
Exploits1References9
CNNVD
CNNVD
added 2024/01/29 12:0 a.m.5 views

TOTOLINK N200RE 安全漏洞

The TOTOLINK N200RE is a router from China's Gion Electronics TOTOLINK. A buffer overflow vulnerability exists in the TOTOLINK N200RE version 9.3.5u.6139B20201216, which originates from the failure of the httphost parameter of the loginAuth function of /cgi-bin/cstecgi.cgi to properly validate th...

8.3CVSS8.1AI score0.01276EPSS
Exploits1References4
OSV
OSV
added 2024/01/09 6:15 a.m.4 views

CVE-2023-7219

A vulnerability has been found in Totolink N350RT 9.3.5u.6139B202012 and classified as critical. Affected by this vulnerability is the function loginAuth of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument httphost leads to stack-based buffer overflow. The attack can be launched...

9.8CVSS6.4AI score
Exploits0References3
NVD
NVD
added 2023/12/22 5:15 p.m.27 views

CVE-2023-49088

Cacti is an open source operational monitoring and fault management framework. The fix applied for CVE-2023-39515 in version 1.2.25 is incomplete as it enables an adversary to have a victim browser execute malicious code when a victim user hovers their mouse over the malicious data source path in...

6.1CVSS0.01268EPSS
Exploits2References5
CNVD
CNVD
added 2023/11/30 12:0 a.m.43 views

Apache Superset Input Validation Error Vulnerability (CNVD-2023-9666130)

Apache Superset is a data visualization and data exploration platform from the Apache USA Foundation. An input validation error vulnerability exists in Apache Superset versions prior to 3.0.0. The vulnerability stems from the presence of improper input validation, which can be exploited by an...

5.4CVSS5.1AI score0.00823EPSS
Exploits0References1
Rows per page
Query Builder