Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

23 matches found

RedhatCVE
RedhatCVEadded 2025/11/14 12:1 a.m.1 views

CVE-2025-60702

A command injection vulnerability exists in the TOTOLINK A950RG Router firmware V5.9c.4592B20191022ALL within the system.so binary. The setDiagnosisCfg function retrieves the ipDoamin parameter from user input via websGetVar and concatenates it directly into a ping system command executed via...

6.5CVSS8.4AI score0.00517EPSS
Exploits1References1
NVD
NVDadded 2025/11/13 8:15 p.m.2 views

CVE-2025-60702

A command injection vulnerability exists in the TOTOLINK A950RG Router firmware V5.9c.4592B20191022ALL within the system.so binary. The setDiagnosisCfg function retrieves the ipDoamin parameter from user input via websGetVar and concatenates it directly into a ping system command executed via...

6.5CVSS0.00517EPSS
Exploits1References3
CVE
CVEadded 2025/11/13 12:0 a.m.7 views

CVE-2025-60702

TOTOLINK A950RG Router firmware V5.9c.4592_B20191022_ALL is affected by a command-injection in the system.so binary. The setDiagnosisCfg function reads the ipDoamin parameter from user input via websGetVar and directly concatenates it into a ping command executed by CsteSystem(), without sanitiza...

6.5CVSS8AI score0.00517EPSS
Exploits1References3Affected Software1
Positive Technologies
Positive Technologiesadded 2025/11/13 12:0 a.m.2 views

PT-2025-46902

Name of the Vulnerable Software and Affected Versions TOTOLINK A950RG Router firmware versions V5.9c.4592 B20191022 ALL Description A command injection issue exists in the TOTOLINK A950RG Router firmware. The setDiagnosisCfg function retrieves the ipDoamin parameter from user input via websGetVar...

6.5CVSS8.1AI score0.00517EPSS
Exploits1References7
VulnCheck KEV
VulnCheck KEVadded 2025/07/21 12:0 a.m.2 views

VulnCheck KEV: CVE-2022-28908

TOTOLink N600R V5.3c.7159B20190425 was discovered to contain a command injection vulnerability via the ipdoamin parameter in /setting/setDiagnosisCfg...

10CVSS5.8AI score0.10259EPSS
In wildExploits1References2
RedhatCVE
RedhatCVEadded 2025/05/23 12:16 a.m.6 views

CVE-2022-28908

TOTOLink N600R V5.3c.7159B20190425 was discovered to contain a command injection vulnerability via the ipdoamin parameter in /setting/setDiagnosisCfg...

10CVSS7.9AI score0.10259EPSS
Exploits1References1
OSV
OSVadded 2024/07/29 1:15 a.m.3 views

CVE-2024-7175

A vulnerability has been found in TOTOLINK A3600R 4.1.2cu.5182B20201102 and classified as critical. This vulnerability affects the function setDiagnosisCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument ipDoamin leads to os command injection. The attack can be initiated...

8.8CVSS5.6AI score0.02464EPSS
Exploits1References4
CNVD
CNVDadded 2022/06/08 12:0 a.m.10 views

TOTOLINK EX1200T Remote Command Injection Vulnerability

TOTOLINK EX1200T is a wireless signal booster. a remote command injection vulnerability exists in the setDiagnosisCfg function in the lib/cstemodules/system.so file in TOTOLINK EX1200T V4.1.2cu.5215. An attacker can exploit this vulnerability to take control of ipDoamin...

10CVSS2.8AI score0.07583EPSS
Exploits1References1
OSV
OSVadded 2022/06/02 7:15 p.m.1 views

CVE-2021-42875

TOTOLINK EX1200T V4.1.2cu.5215 contains a remote command injection vulnerability in the function setDiagnosisCfg of the file lib/cstemodules/system.so to control the ipDoamin...

9.8CVSS5.8AI score
Exploits0References3
Prion
Prionadded 2022/06/02 7:15 p.m.19 views

Command injection

TOTOLINK EX1200T V4.1.2cu.5215 contains a remote command injection vulnerability in the function setDiagnosisCfg of the file lib/cstemodules/system.so to control the ipDoamin...

10CVSS9.6AI score0.07583EPSS
Exploits1References3Affected Software1
Cvelist
Cvelistadded 2022/06/02 6:52 p.m.13 views

CVE-2021-42875

TOTOLINK EX1200T V4.1.2cu.5215 contains a remote command injection vulnerability in the function setDiagnosisCfg of the file lib/cstemodules/system.so to control the ipDoamin...

9.8AI score0.07583EPSS
Exploits1References3
ATTACKERKB
ATTACKERKBadded 2022/05/10 2:15 p.m.1 views

CVE-2022-28908

TOTOLink N600R V5.3c.7159B20190425 was discovered to contain a command injection vulnerability via the ipdoamin parameter in /setting/setDiagnosisCfg...

10CVSS7.2AI score0.10259EPSS
Exploits1References2
OSV
OSVadded 2022/05/10 2:15 p.m.0 views

CVE-2022-28908

TOTOLink N600R V5.3c.7159B20190425 was discovered to contain a command injection vulnerability via the ipdoamin parameter in /setting/setDiagnosisCfg...

9.8CVSS7.3AI score
Exploits0References1
Prion
Prionadded 2022/05/10 2:15 p.m.17 views

Command injection

TOTOLink N600R V5.3c.7159B20190425 was discovered to contain a command injection vulnerability via the ipdoamin parameter in /setting/setDiagnosisCfg...

10CVSS9.7AI score0.10259EPSS
Exploits1References1Affected Software1
Cvelist
Cvelistadded 2022/05/10 1:16 p.m.16 views

CVE-2022-28908

TOTOLink N600R V5.3c.7159B20190425 was discovered to contain a command injection vulnerability via the ipdoamin parameter in /setting/setDiagnosisCfg...

10AI score0.10259EPSS
Exploits1References1
CNNVD
CNNVDadded 2022/05/10 12:0 a.m.2 views

TOTOLINK N600R 操作系统命令注入漏洞

TOTOLINK N600R is a wireless router from Taiwan-based Gion Electronics TOTOLINK, China.A command injection vulnerability exists in TOTOLINK N600R, which can be exploited by attackers to conduct command injection attacks via the ipdoamin parameter in /setting/setDiagnosisCfg...

10CVSS8.4AI score0.10259EPSS
Exploits1References2
Positive Technologies
Positive Technologiesadded 2022/05/10 12:0 a.m.4 views

PT-2022-19303 · Totolink · Totolink N600R

Name of the Vulnerable Software and Affected Versions: TOTOLink N600R version V5.3c.7159 B20190425 Description: A command injection issue was discovered via the ipdoamin parameter in the "/setting/setDiagnosisCfg" API endpoint. Recommendations: For TOTOLink N600R version V5.3c.7159 B20190425, as ...

10CVSS9.7AI score0.10259EPSS
Exploits1References3
ATTACKERKB
ATTACKERKBadded 2022/03/15 10:15 p.m.1 views

CVE-2022-26207

Totolink A830R V5.9c.4729B20191112, A3100R V4.1.2cu.5050B20200504, A950RG V4.1.2cu.5161B20200903, A800R V4.1.2cu.5137B20200730, A3000RU V5.9c.5185B20201128, and A810R V4.1.2cu.5182B20201026 were discovered to contain a command injection vulnerability in the function setDiagnosisCfg, via the...

9.8CVSS6.1AI score0.17336EPSS
Exploits1References2
OSV
OSVadded 2022/03/15 10:15 p.m.0 views

CVE-2022-26207

Totolink A830R V5.9c.4729B20191112, A3100R V4.1.2cu.5050B20200504, A950RG V4.1.2cu.5161B20200903, A800R V4.1.2cu.5137B20200730, A3000RU V5.9c.5185B20201128, and A810R V4.1.2cu.5182B20201026 were discovered to contain a command injection vulnerability in the function setDiagnosisCfg, via the...

9.8CVSS7.5AI score
Exploits0References1
NVD
NVDadded 2022/03/15 10:15 p.m.13 views

CVE-2022-26207

Totolink A830R V5.9c.4729B20191112, A3100R V4.1.2cu.5050B20200504, A950RG V4.1.2cu.5161B20200903, A800R V4.1.2cu.5137B20200730, A3000RU V5.9c.5185B20201128, and A810R V4.1.2cu.5182B20201026 were discovered to contain a command injection vulnerability in the function setDiagnosisCfg, via the...

9.8CVSS0.17336EPSS
Exploits1References1
Rows per page
Query Builder