Tenda O6 安全漏洞

Tenda O6 is a wireless bridge from Tenda, China. Tenda O6 version 1.0.0.7 suffers from a buffer overflow vulnerability, which originates from the parameter ip/localPort/publicPort/app of the fromVirtualSet function of file /goform/setPortForward fails to properly validate the length and size of t...

Tenda O3 安全漏洞

Tenda O3 is an outdoor wireless bridge from Tenda, China. A security vulnerability exists in the Tenda O3, which stems from a stack-based buffer overflow due to manipulation of the ip/localPort/public Port/app parameter in the fromVirtualSet function. No details of the vulnerability are available...

CVE-2024-38894

WAVLINK WN551K1 found a command injection vulnerability through the IP parameter of /cgi-bin/touchlistsync.cgi...

CVE-2024-38894

WAVLINK WN551K1 found a command injection vulnerability through the IP parameter of /cgi-bin/touchlistsync.cgi...

CVE-2024-38894

WAVLINK WN551K1 found a command injection vulnerability through the IP parameter of /cgi-bin/touchlistsync.cgi...

CVE-2024-38894

CVE-2024-38894 affects WAVLINK WN551K1 routers. A command injection flaw can be triggered by the IP parameter in /cgi-bin/touchlist_sync.cgi, allowing an attacker to inject commands through that parameter. The issue is described across multiple sources (Red Hat, CNVD, NVD, CNNVD) with no explicit...

WAVLINK WN551K1 安全漏洞

The WAVLINK WN551K1 is a wireless router from China's RuiYin Technology WAVLINK. The WAVLINK WN551K1 suffers from a command injection vulnerability that stems from the IP parameter of /cgi-bin/touchlistsync.cgi failing to properly filter constructed command special characters, commands, and so on...

Tenda W20E 安全漏洞

The Tenda W20E is a wireless router developed by Tenda to provide wireless network connectivity and management capabilities. The Tenda W20E suffers from a stack buffer overflow vulnerability that originates from improper handling of the remoteIP parameter in the formSetRemoteWebManage function in...

CVE-2024-2764

A vulnerability, which was classified as critical, was found in Tenda AC10U 15.03.06.48. This affects the function formSetPPTPServer of the file /goform/SetPptpServerCfg. The manipulation of the argument endIP leads to stack-based buffer overflow. It is possible to initiate the attack remotely. T...

TOTOLINK X6000R 操作系统命令注入漏洞

TOTOLINK X6000R is a wireless router from China's Gion Electronics TOTOLINK. The TOTOLINK X6000R version 9.4.0cu.85220230719 suffers from an operating system command injection vulnerability that originates from a security issue in the setDiagnosisCfg function in /cgi-bin/cstecgi.cgi in the...

PT-2024-2010 · Totolink · Totolink X6000R

Name of the Vulnerable Software and Affected Versions: Totolink X6000R version 9.4.0cu.852 20230719 Description: A critical issue affects the function setDiagnosisCfg of the file /cgi-bin/cstecgi.cgi of the component shttpd. The manipulation of the argument ip leads to os command injection. The...

LinBle LBT T300-T390 Security Vulnerability

LinBle LBT T300-T390 is a 4G Industrial Router from LinBle China. A security vulnerability exists in the LinBle LBT T300-T390 v2.2.1.8, which is caused by a buffer overflow in the vpnclientip parameter of the configvpnpptp method...

PT-2024-21950 · Unknown · Lbt T300-T390

Name of the Vulnerable Software and Affected Versions: LBT T300- T390 version 2.2.1.8 Description: The issue is related to a stack overflow via the vpn client ip parameter in the config vpn pptp function, allowing attackers to cause a Denial of Service DoS via a crafted POST request...

TOTOLINK N200RE /cgi-bin/cstecgi.cgi Buffer Overflow Vulnerability

The TOTOLINK N200RE is a wireless router for the SOHO market. The TOTOLINK N200RE suffers from a buffer overflow vulnerability that originates from a stack-based buffer overflow in the ip parameter of the setDiagnosisCfg function of /cgi-bin/cstecgi.cgi. No detailed vulnerability details are...

PT-2024-1321 · Totolink · Totolink N200Re

Name of the Vulnerable Software and Affected Versions: Totolink N200RE versions 9.3.5u.6139 B20201216 Description: The issue is related to a stack-based buffer overflow in the setDiagnosisCfg function of the /cgi-bin/cstecgi.cgi file, caused by the manipulation of the ip argument. This can be...

TOTOLINK LR1200GB setDiagnosisCfg function buffer overflow vulnerability

The TOTOLINK LR1200GB is a wireless dual-band 4G LTE router from China's TOTOLINK Electronics TOTOLINK that supports 2.4GHz and 5GHz dual-band networks. The TOTOLINK LR1200GB suffers from a buffer overflow vulnerability hole, which originates from the ip parameter of the setDiagnosisCfg function ...

The vulnerability of the setDiagnosisCfg function in the /cgi-bin/cstecgi.cgi file of the Totolink LR1200GB router’s microprogramming system allows a intruder to execute arbitrary code or cause a service failure.

The vulnerability of the setDiagnosisCfg function in the /cgi-bin/cstecgi.cgi file of the Totolink LR1200GB router’s microprogramming system is related to the issue of the operation exceeding the buffer limits in memory when processing the ip parameter. Exploiting this vulnerability allows an...

TOTOLINK A3300R setDmzCfg Method Command Injection Vulnerability

TOTOLINK A3300R is a wireless router from China's Gion Electronics TOTOLINK. A command injection vulnerability exists in the TOTOLINK A3300R version V17.0.0cu.557B20221024, which stems from the ip parameter of the setDmzCfg method failing to correctly filter constructed command special characters...

CVE-2024-23060

TOTOLINK A3300R V17.0.0cu.557B20221024 was discovered to contain a command injection vulnerability via the ip parameter in the setDmzCfg function...

TOTOLINK N200RE setDiagnosisCfg Function Command Injection Vulnerability

The TOTOLINK N200RE is a wireless broadband router for small office or home SOHO environments. The TOTOLINK N200RE suffers from a command injection vulnerability that stems from a failure to properly filter the ip parameter of the setDiagnosisCfg function on the /cgi-bin/cstecgi.cgi page for...