Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

332 matches found

Vulnrichment
Vulnrichmentadded 2024/01/11 12:0 a.m.2 views

CVE-2024-23060

TOTOLINK A3300R V17.0.0cu.557B20221024 was discovered to contain a command injection vulnerability via the ip parameter in the setDmzCfg function...

9.9AI score0.017EPSS
Exploits1References1
CNVD
CNVDadded 2024/01/11 12:0 a.m.4 views

TOTOLINK N200RE setDiagnosisCfg Function Command Injection Vulnerability

The TOTOLINK N200RE is a wireless broadband router for small office or home SOHO environments. The TOTOLINK N200RE suffers from a command injection vulnerability that stems from a failure to properly filter the ip parameter of the setDiagnosisCfg function on the /cgi-bin/cstecgi.cgi page for...

9.8CVSS7.7AI score0.03834EPSS
Exploits1References1
Positive Technologies
Positive Technologiesadded 2024/01/07 12:0 a.m.3 views

PT-2024-1059 · Totolink · Totolink N200Re

Name of the Vulnerable Software and Affected Versions: Totolink N200RE version 9.3.5u.6139 B20201216 Description: A critical issue has been found in the function setDiagnosisCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument ip leads to os command injection. It is possible to...

10CVSS7.8AI score0.03834EPSS
Exploits1References9
NVD
NVDadded 2023/12/20 10:15 p.m.18 views

CVE-2023-50992

Tenda i29 v1.0 V1.0.0.5 was discovered to contain a stack overflow via the ip parameter in the setPing function...

9.8CVSS0.00869EPSS
Exploits1References2
OSV
OSVadded 2023/12/20 10:15 p.m.2 views

CVE-2023-50984

Tenda i29 v1.0 V1.0.0.5 was discovered to contain a buffer overflow via the ip parameter in the spdtstConfigAndStart function...

9.8CVSS6.2AI score0.00869EPSS
Exploits1References2
NVD
NVDadded 2023/12/20 10:15 p.m.18 views

CVE-2023-50984

Tenda i29 v1.0 V1.0.0.5 was discovered to contain a buffer overflow via the ip parameter in the spdtstConfigAndStart function...

9.8CVSS0.00869EPSS
Exploits1References2
CNNVD
CNNVDadded 2023/12/20 12:0 a.m.2 views

Tenda i29 安全漏洞

The Tenda i29 is a wireless router from the Chinese company Tenda. The Tenda i29 suffers from a buffer overflow vulnerability that originates from the ip parameter of the spdtstConfigAndStart method failing to properly validate the length and size of the input data, which can be exploited by a...

9.8CVSS8.3AI score0.00869EPSS
Exploits1References2
CVE
CVEadded 2023/12/20 12:0 a.m.38 views

CVE-2023-50992

CVE-2023-50992 affects the Tenda i29 router (version V1.0.0.5). A vulnerability in the setPing function allows a stack overflow via the ip parameter, potentially enabling arbitrary code execution. Public sources consistently describe a buffer/stack overflow in this function; no exploits are docum...

9.8CVSS9.6AI score0.00869EPSS
Exploits1References2Affected Software1
CVE
CVEadded 2023/12/20 12:0 a.m.46 views

CVE-2023-50984

CVE-2023-50984 affects the Tenda i29 router (v1.0.0.5, i29 series) due to a buffer overflow in the spdtstConfigAndStart function triggered by the ip parameter. The root cause is insufficient validation of the input length/size on the ip parameter, allowing a potential remote exploit. NVD/Red Hat/...

9.8CVSS9.8AI score0.00869EPSS
Exploits1References2Affected Software1
Cvelist
Cvelistadded 2023/12/20 12:0 a.m.19 views

CVE-2023-50992

Tenda i29 v1.0 V1.0.0.5 was discovered to contain a stack overflow via the ip parameter in the setPing function...

9.9AI score0.00869EPSS
Exploits1References2
CNVD
CNVDadded 2023/12/05 12:0 a.m.4 views

TOTOLINK X6000R IP Parameter Command Execution Vulnerability

TOTOLINK X6000R is a wireless router from China's Gion Electronics TOTOLINK. The TOTOLINK X6000R suffers from a command execution vulnerability that stems from the IP parameter of the setDiagnosisCfg component failing to properly filter constructed command special characters, commands, and so on...

9.8CVSS7.2AI score0.01521EPSS
Exploits1References1
NVD
NVDadded 2023/12/01 2:15 a.m.11 views

CVE-2023-43453

An issue in TOTOLINK X6000R V9.4.0cu.652B20230116 and V9.4.0cu.852B20230719 allows a remote attacker to execute arbitrary code via the IP parameter of the setDiagnosisCfg component...

9.8CVSS0.01521EPSS
Exploits1References1
ATTACKERKB
ATTACKERKBadded 2023/12/01 2:15 a.m.3 views

CVE-2023-43453

An issue in TOTOLINK X6000R V9.4.0cu.652B20230116 and V9.4.0cu.852B20230719 allows a remote attacker to execute arbitrary code via the IP parameter of the setDiagnosisCfg component...

9.8CVSS6.2AI score0.01521EPSS
Exploits1References2
Cvelist
Cvelistadded 2023/12/01 12:0 a.m.12 views

CVE-2023-43453

An issue in TOTOLINK X6000R V9.4.0cu.652B20230116 and V9.4.0cu.852B20230719 allows a remote attacker to execute arbitrary code via the IP parameter of the setDiagnosisCfg component...

9.8AI score0.01521EPSS
Exploits1References1
Positive Technologies
Positive Technologiesadded 2023/12/01 12:0 a.m.4 views

PT-2023-28825 · Totolink · Totolink X6000R

Name of the Vulnerable Software and Affected Versions: TOTOLINK X6000R versions V9.4.0cu.652 B20230116 through V9.4.0cu.852 B20230719 Description: The issue allows a remote attacker to execute arbitrary code via the IP parameter of the setDiagnosisCfg component. Recommendations: For versions...

9.8CVSS9.5AI score0.01521EPSS
Exploits1References3
OSV
OSVadded 2023/10/16 6:15 a.m.3 views

CVE-2023-45575

Stack Overflow vulnerability in D-Link device DI-7003GV2.D1 v.23.08.25D1 and before, DI-7100G+V2.D1 v.23.08.23D1 and before, DI-7100GV2.D1 v.23.08.23D1, DI-7200G+V2.D1 v.23.08.23D1 and before, DI-7200GV2.E1 v.23.08.23E1 and before, DI-7300G+V2.D1 v.23.08.23D1, and DI-7400G+V2.D1 v.23.08.23D1 and...

9.8CVSS6.1AI score0.01242EPSS
Exploits1References1
ATTACKERKB
ATTACKERKBadded 2023/10/16 6:15 a.m.4 views

CVE-2023-45575

Stack Overflow vulnerability in D-Link device DI-7003GV2.D1 v.23.08.25D1 and before, DI-7100G+V2.D1 v.23.08.23D1 and before, DI-7100GV2.D1 v.23.08.23D1, DI-7200G+V2.D1 v.23.08.23D1 and before, DI-7200GV2.E1 v.23.08.23E1 and before, DI-7300G+V2.D1 v.23.08.23D1, and DI-7400G+V2.D1 v.23.08.23D1 and...

9.8CVSS7.7AI score0.01242EPSS
Exploits1References2
CNNVD
CNNVDadded 2023/10/16 12:0 a.m.2 views

D-Link DI-7003G Buffer Error Vulnerability

The D-Link DI-7003G is a wireless router from China-based D-Link. A security vulnerability exists in the D-Link DI-7003G, which can be exploited to execute arbitrary code via the ip parameter of the ipposition.asp function...

9.8CVSS7.8AI score0.01242EPSS
Exploits1References2
CNNVD
CNNVDadded 2023/10/03 12:0 a.m.4 views

DTS Monitoring Operating System Command Injection Vulnerability

DTS Monitoring is an information system monitoring platform from DTS Corporation. An operating system command injection vulnerability exists in DTS Monitoring version 3.57.0, which originates from the ip parameter in the Ping check function being susceptible to operating system command injection...

9.8CVSS7.4AI score0.02503EPSS
Exploits1References2
OSV
OSVadded 2023/07/07 8:15 p.m.1 views

CVE-2023-37172

TOTOLINK A3300R V17.0.0cu.557B20221024 was discovered to contain a command injection vulnerability via the ip parameter in the setDiagnosisCfg function...

9.8CVSS5.8AI score
Exploits0References1
Rows per page
Query Builder