12 matches found
CVE-2025-60702
TOTOLINK A950RG Router firmware V5.9c.4592_B20191022_ALL is affected by a command-injection in the system.so binary. The setDiagnosisCfg function reads the ipDoamin parameter from user input via websGetVar and directly concatenates it into a ping command executed by CsteSystem(), without sanitiza...
VulnCheck KEV: CVE-2022-28908
TOTOLink N600R V5.3c.7159B20190425 was discovered to contain a command injection vulnerability via the ipdoamin parameter in /setting/setDiagnosisCfg...
CVE-2022-28908
TOTOLink N600R V5.3c.7159B20190425 was discovered to contain a command injection vulnerability via the ipdoamin parameter in /setting/setDiagnosisCfg...
CVE-2024-7175
A vulnerability has been found in TOTOLINK A3600R 4.1.2cu.5182B20201102 and classified as critical. This vulnerability affects the function setDiagnosisCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument ipDoamin leads to os command injection. The attack can be initiated...
CVE-2022-28908
TOTOLink N600R V5.3c.7159B20190425 was discovered to contain a command injection vulnerability via the ipdoamin parameter in /setting/setDiagnosisCfg...
CVE-2022-28908
TOTOLink N600R V5.3c.7159B20190425 was discovered to contain a command injection vulnerability via the ipdoamin parameter in /setting/setDiagnosisCfg...
Command injection
TOTOLink N600R V5.3c.7159B20190425 was discovered to contain a command injection vulnerability via the ipdoamin parameter in /setting/setDiagnosisCfg...
CVE-2022-28908
TOTOLink N600R V5.3c.7159B20190425 was discovered to contain a command injection vulnerability via the ipdoamin parameter in /setting/setDiagnosisCfg...
PT-2022-19303 · Totolink · Totolink N600R
Name of the Vulnerable Software and Affected Versions: TOTOLink N600R version V5.3c.7159 B20190425 Description: A command injection issue was discovered via the ipdoamin parameter in the "/setting/setDiagnosisCfg" API endpoint. Recommendations: For TOTOLink N600R version V5.3c.7159 B20190425, as ...
TOTOLINK N600R 操作系统命令注入漏洞
TOTOLINK N600R is a wireless router from Taiwan-based Gion Electronics TOTOLINK, China.A command injection vulnerability exists in TOTOLINK N600R, which can be exploited by attackers to conduct command injection attacks via the ipdoamin parameter in /setting/setDiagnosisCfg...
CVE-2022-26207
Totolink A830R V5.9c.4729B20191112, A3100R V4.1.2cu.5050B20200504, A950RG V4.1.2cu.5161B20200903, A800R V4.1.2cu.5137B20200730, A3000RU V5.9c.5185B20201128, and A810R V4.1.2cu.5182B20201026 were discovered to contain a command injection vulnerability in the function setDiagnosisCfg, via the...
PT-2022-17722 · Totolink · Totolink A3100R +5
Name of the Vulnerable Software and Affected Versions: Totolink A830R version 5.9c.4729 B20191112 Totolink A3100R version 4.1.2cu.5050 B20200504 Totolink A950RG version 4.1.2cu.5161 B20200903 Totolink A800R version 4.1.2cu.5137 B20200730 Totolink A3000RU version 5.9c.5185 B20201128 Totolink A810R...