484 matches found
CVE-2024-42543
TOTOLINK A3700R v9.1.2u.5822B20200513 has a buffer overflow vulnerability in the httphost parameter in the loginauth function...
TOTOLINK A3700R 安全漏洞
The TOTOLINK A3700R is a wireless router from China's Gion Electronics TOTOLINK. A buffer overflow vulnerability exists in the TOTOLINK A3700R v9.1.2u.5822B20200513, which originates from a failure to correctly validate the length of the input data in the httphost parameter of the loginauth...
The vulnerability of the loginauth (/cgi-bin/cstecgi.cgi) function in the TOTOLINK EX200 router software allows a perpetrator to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the loginauth /cgi-bin/cstecgi.cgi function in the TOTOLINK EX200 router software arises due to buffer overflows in the stack during the processing of the httphost parameter. Exploiting this vulnerability allows an attacker to compromise the confidentiality, integrity, and...
The vulnerability of the loginauth (/cgi-bin/cstecgi.cgi) function in the TOTOLINK EX1200L router’s microprogramming system allows a intruder to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the loginauth /cgi-bin/cstecgi.cgi function in the TOTOLINK EX1200L router software arises due to buffer overflows in the stack during the processing of the httphost parameter. Exploiting this vulnerability allows an attacker to compromise the confidentiality, integrity, and...
The vulnerability of the getSaveConfig function (/cgi-bin/cstecgi.cgi?action=save&setting) in the TOTOLINK EX200 router software allows a perpetrator to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the getSaveConfig function /cgi-bin/cstecgi.cgi?action=save&setting in the TOTOLINK EX200 router software arises due to a buffer overflow occurring during the processing of the httphost parameter. Exploiting this vulnerability allows an attacker to compromise the...
The vulnerability of the loginauth function in the /cgi-bin/cstecgi.cgi script of the TOTOLINK CP450 router’s microprogramming system, which allows a intruder to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the loginauth function in the /cgi-bin/cstecgi.cgi script of the TOTOLINK CP450 router’s microprogramming system is related to the issue of data being written outside the buffer in memory when processing the httphost parameter. Exploiting this vulnerability allows a malicious...
CVE-2024-7465
A vulnerability, which was classified as critical, was found in TOTOLINK CP450 4.1.0cu.747B20191224. Affected is the function loginauth of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument httphost leads to buffer overflow. It is possible to launch the attack remotely. The exploit h...
CVE-2024-7337
A vulnerability, which was classified as critical, has been found in TOTOLINK EX1200L 9.3.5u.6146B20201023. Affected by this issue is the function loginauth of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument httphost leads to buffer overflow. The attack may be launched remotely. T...
TOTOLINK EX200 安全漏洞
The TOTOLINK EX200 is a 2.4G wireless N range extender designed to extend the coverage of existing Wi-Fi networks. A buffer overflow vulnerability exists in the TOTOLINK EX200. The vulnerability originates from the file /cgi-bin/cstecgi.cgi?action=save&setting The function getSaveConfig as...
CVE-2024-7157 TOTOLINK A3100R getSaveConfig buffer overflow
A vulnerability was found in TOTOLINK A3100R 4.1.2cu.5050B20200504. It has been classified as critical. This affects the function getSaveConfig of the file /cgi-bin/cstecgi.cgi?action=save&setting. The manipulation of the argument httphost leads to buffer overflow. It is possible to initiate the...
TOTOLINK A3600R 安全漏洞
TOTOLINK A3600R is a 6-antenna 1200M wireless router from China Gion Electronics. The TOTOLINK A3600R suffers from a buffer overflow vulnerability, which is located in the loginauth function in the /cgi-bin/cstecgi.cgi file, and stems from improper handling of the password and httphost parameters...
PT-2024-5477 · Totolink · Totolink Ex1200T
Name of the Vulnerable Software and Affected Versions: TOTOLINK EX1200L version 9.3.5u.6146 B20201023 Description: The issue is caused by a buffer overflow on the stack when processing the http host parameter in the loginauth function of the /cgi-bin/cstecgi.cgi file. This can be exploited by a...
RHEL 5 : cups (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - cups: code execution via unescape ANSI escape sequences CVE-2014-8166 - cups: incorrect string reference...
ExtJS JavaScript framework used in TYPO3 vulnerable to Cross-site Scripting
Failing to properly validate the HTTP host-header TYPO3 CMS is susceptible to host spoofing. TYPO3 uses the HTTP host-header to generate absolute URLs in several places like 404 handling, https enforcement, password reset links and many more. Since the host header itself is provided by the client...
CVE-2024-35387
TOTOLINK LR350 V9.3.5u.6369B20220309 was discovered to contain a stack overflow via the httphost parameter in the function loginAuth...
PT-2024-1835 · Totolink · Totolink Lr1200Gb
Name of the Vulnerable Software and Affected Versions: Totolink LR1200GB versions 9.1.0u.6619 B20230130 through 9.3.5u.6698 B20230810 Description: A critical vulnerability has been found in the Web Interface component of Totolink LR1200GB, specifically in the loginAuth function of the file...
TOTOLINK N200RE 安全漏洞
The TOTOLINK N200RE is a router from China's Gion Electronics TOTOLINK. A buffer overflow vulnerability exists in the TOTOLINK N200RE version 9.3.5u.6139B20201216, which originates from the failure of the httphost parameter of the loginAuth function of /cgi-bin/cstecgi.cgi to properly validate th...
CVE-2023-7219
A vulnerability has been found in Totolink N350RT 9.3.5u.6139B202012 and classified as critical. Affected by this vulnerability is the function loginAuth of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument httphost leads to stack-based buffer overflow. The attack can be launched...
CVE-2023-49088
Cacti is an open source operational monitoring and fault management framework. The fix applied for CVE-2023-39515 in version 1.2.25 is incomplete as it enables an adversary to have a victim browser execute malicious code when a victim user hovers their mouse over the malicious data source path in...
Apache Superset Input Validation Error Vulnerability (CNVD-2023-9666130)
Apache Superset is a data visualization and data exploration platform from the Apache USA Foundation. An input validation error vulnerability exists in Apache Superset versions prior to 3.0.0. The vulnerability stems from the presence of improper input validation, which can be exploited by an...