CVE-2022-48093

Seacms v12.7 was discovered to contain a remote code execution RCE vulnerability via the ip parameter at admin ip.php...

SeaCMS 代码注入漏洞

SeaCMS is a free and open source web content management system written in PHP. The system is primarily designed to manage video-on-demand resources. A security vulnerability exists in SeaCMS v12.7, which stems from the manipulation of the ip parameter in its admin ip.php component that allows an...

PT-2022-27634 · Ip Com · Ip-Com M50

Name of the Vulnerable Software and Affected Versions: IP-COM M50 version 15.11.0.3310768 Description: The issue is related to multiple buffer overflows that can occur via the ip, mac, and remark parameters in the formIPMacBindModify function. Recommendations: For IP-COM M50 version...

CVE-2022-4214

The Chained Quiz plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'ip' parameter on the 'chainedquizlist' page in versions up to, and including, 1.3.2.3 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to...

TOTOLINK LR350 setDiagnosisCfg function buffer overflow vulnerability

TOTOLINK LR350 is a 4G LTE router from China's Gion Electronics TOTOLINK that supports converting 4G signals to wired signals for home and office scenarios. A buffer overflow vulnerability exists in the TOTOLINK LR350. The vulnerability stems from a buffer overflow after authentication via the...

CVE-2022-44253

TOTOLINK LR350 V9.3.5u.6369B20220309 contains a post-authentication buffer overflow via parameter ip in the setDiagnosisCfg function...

CVE-2022-44253

CVE-2022-44253 affects TOTOLINK LR350 (version 9.3.5u.6369_B20220309). A post-authentication buffer overflow is triggered via the ip parameter in the setDiagnosisCfg function, with potential for remote code execution as indicated by multiple sources. The NVD/NIST entry rates impact as high (CVSS ...

PT-2022-27152 · Totolink · Totolink Lr350

Name of the Vulnerable Software and Affected Versions: TOTOLINK LR350 version 9.3.5u.6369 B20220309 Description: The issue is a post-authentication buffer overflow that occurs via the ip parameter in the setDiagnosisCfg function. This allows for potential exploitation after authentication has bee...

PT-2022-23907 · Unknown · Seccome Ehoney

Name of the Vulnerable Software and Affected Versions: seccome Ehoney affected versions not specified Description: A critical issue has been found in seccome Ehoney, affecting the processing of the file "/api/v1/attack". The manipulation of the AttackIP argument leads to SQL injection. This issue...

D-Link DIR-816 A2 缓冲区错误漏洞

The D-Link DIR-816 A2 is a wireless router from China-based AUO D-Link. A security vulnerability exists in the D-Link DIR-816 A2 version 1.10 B05, which originates from a stack overflow in the srcip parameter of /goform/form2IPQoSTcAdd...

TOTOLINK NR1800X ip parameter buffer overflow vulnerability in setDiagnosisCfg method

TOTOLINK NR1800X is a 5G NR indoor Wi-Fi and SIP CPE broadband access device from China's Gion Electronics TOTOLINK, which is mainly used for the deployment of NR fixed data services in homes and offices to support 5G NR network connectivity. The TOTOLINK NR1800X suffers from a buffer overflow...

CVE-2022-37083

TOTOLINK A7000R V9.1.0u.6115B20201022 was discovered to contain a command injection vulnerability via the ip parameter at the function setDiagnosisCfg...

Command injection

TOTOLINK A7000R V9.1.0u.6115B20201022 was discovered to contain a command injection vulnerability via the ip parameter at the function setDiagnosisCfg...

CVE-2022-37075

TOTOLink A7000R V9.1.0u.6115B20201022 was discovered to contain a stack overflow via the ip parameter in the function setDiagnosisCfg...

CVE-2022-36481

TOTOLINK N350RT V9.3.5u.6139B20201216 was discovered to contain a command injection vulnerability via the ip parameter in the function setDiagnosisCfg...

CVE-2022-36481

TOTOLINK N350RT V9.3.5u.6139B20201216 was discovered to contain a command injection vulnerability via the ip parameter in the function setDiagnosisCfg...

Stack overflow

TOTOLINK A3700R V9.1.2u.6134B20201202 was discovered to contain a stack overflow via the ip parameter in the function setDiagnosisCfg...

Stack overflow

TOTOLink A7000R V9.1.0u.6115B20201022 was discovered to contain a stack overflow via the ip parameter in the function setDiagnosisCfg...

Command injection

TOTOLINK N350RT V9.3.5u.6139B20201216 was discovered to contain a command injection vulnerability via the ip parameter in the function setDiagnosisCfg...

CVE-2022-37083

TOTOLINK A7000R V9.1.0u.6115B20201022 was discovered to contain a command injection vulnerability via the ip parameter at the function setDiagnosisCfg...