
208 matches found

BDU FSTEC
added 2022/08/02 12:0 a.m. · 2 views

A vulnerability in the “Main” function of the TOTOLink A950RG firmware allows an intruder to execute arbitrary commands.

The vulnerability in the “Main” function of the TOTOLink A950RG firmware is caused by a lack of input sanitization. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands through the QUERYSTRING parameter...

CVSS 10 · AI score 8.2 · EPSS 0.89573
Exploits 1 · References 4 · Affected Software 1

Positive Technologies
added 2022/08/02 12:0 a.m. · 2 views

PT-2022-9062 · Unknown · Get-Npm-Package-Version

Name of the Vulnerable Software and Affected Versions: get-npm-package-version versions prior to 1.0.7 Description: The issue concerns Command Injection via the main function in index.js. Recommendations: For versions prior to 1.0.7, update to version 1.0.7 or later to resolve the issue. As a...

CVSS 9.8 · AI score 9.7 · EPSS 0.04267
Exploits 1 · References 12

BDU FSTEC
added 2022/08/01 12:0 a.m. · 2 views

A vulnerability in the “Main” function of the TOTOLink A860R firmware allows an intruder to execute arbitrary commands.

The vulnerability in the “Main” function of the TOTOLink A860R firmware is caused by a lack of input sanitization. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands through the QUERYSTRING parameter...

CVSS 10 · AI score 8.2 · EPSS 0.05664
Exploits 1 · References 3 · Affected Software 1

BDU FSTEC
added 2022/08/01 12:0 a.m. · 1 views

A vulnerability in the “Main” function of the TOTOLink A3600R router firmware allows an intruder to execute arbitrary commands.

The vulnerability in the “Main” function of the TOTOLink A3600R router firmware stems from a lack of input sanitization. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands through the QUERYSTRING parameter...

CVSS 10 · AI score 8.1 · EPSS 0.05664
Exploits 1 · References 3 · Affected Software 1

BDU FSTEC
added 2022/07/29 12:0 a.m. · 1 views

A vulnerability in the “Main” function of the TOTOLink A800R router firmware allows an intruder to execute arbitrary commands.

The vulnerability in the “Main” function of the TOTOLink A800R router firmware is caused by a lack of input sanitization. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands through the QUERYSTRING parameter...

CVSS 10 · AI score 8.2 · EPSS 0.05664
Exploits 1 · References 3 · Affected Software 1

BDU FSTEC
added 2022/07/29 12:0 a.m. · 2 views

A vulnerability in the “Main” function of the TOTOLink A810R router firmware allows an intruder to execute arbitrary commands.

The vulnerability in the “Main” function of the TOTOLink A810R router firmware is caused by a lack of input sanitization. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands through the QUERYSTRING parameter...

CVSS 10 · AI score 8.2 · EPSS 0.05664
Exploits 1 · References 3 · Affected Software 1

BDU FSTEC
added 2022/07/29 12:0 a.m. · 2 views

A vulnerability in the “Main” function of the TOTOLink A830R router firmware allows an intruder to execute arbitrary commands.

The vulnerability in the “Main” function of the TOTOLink A830R router firmware is caused by a lack of input sanitization. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands through the QUERYSTRING parameter...

CVSS 10 · AI score 8.2 · EPSS 0.05664
Exploits 1 · References 3 · Affected Software 1

BDU FSTEC
added 2022/07/29 12:0 a.m. · 2 views

A vulnerability in the Main function of the TOTOLink T10 firmware allows a hacker to execute arbitrary commands.

The vulnerability in the Main function of the TOTOLink T10 router firmware is caused by a lack of input sanitization. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands through the QUERYSTRING parameter...

CVSS 10 · AI score 8.2 · EPSS 0.05664
Exploits 1 · References 3 · Affected Software 1

Veracode
added 2022/07/14 4:7 a.m. · 20 views

Command Injection

codecov is vulnerable to command injection. The vulnerability exists because the gcov arguments in the main function of init.py are not sanitized before being provided to the Popen functionality, allowing an attacker to inject and execute malicious commands...

CVSS 6.5 · AI score 6.9 · EPSS 0.00317
Exploits 1 · References 3 · Affected Software 1

Veracode
added 2022/06/13 3:49 a.m. · 21 views

Command Injection

Nuitka is vulnerable to command injection. The vulnerability exists in the main function of main.py: by setting NUITKAPYTHONPATH, NUITKANAMESPACES or NUITKAPTHIMPORTED, an attacker can, with the privileges of the running program, inject and execute malicious payload strings...

CVSS 8.4 · AI score 7.8 · EPSS 0.0013
Exploits 1 · References 4 · Affected Software 1

NVD
added 2022/06/02 2:15 p.m. · 14 views

CVE-2021-42200

An issue was discovered in swftools through 20201222. A NULL pointer dereference exists in the function main located in swfdump.c. It allows an attacker to cause Denial of Service...

CVSS 5.5 · EPSS 0.0018
Exploits 1 · References 1

Prion
added 2022/06/02 2:15 p.m. · 12 views

Null pointer dereference

An issue was discovered in swftools through 20201222. A NULL pointer dereference exists in the function main located in swfdump.c. It allows an attacker to cause Denial of Service...

CVSS 4.3 · AI score 5.3 · EPSS 0.0018
Exploits 1 · References 1 · Affected Software 1

CNNVD
added 2022/06/02 12:0 a.m. · 2 views

Swftools Code Issue Vulnerability

Swftools is a set of utilities for working with Adobe Flash (SWF) files. A null pointer dereference vulnerability exists in Swftools 2020-12-22 and earlier versions, which stems from the presence of a NULL pointer dereference in the function main located in swfdump.c. The vulnerability can be...

CVSS 5.5 · AI score 5.6 · EPSS 0.0018
Exploits 1 · References 2

CNVD
added 2022/05/07 12:0 a.m. · 20 views

TOTOLINK N600R Command Injection Vulnerability (CNVD-2022-53559)

TOTOLINK N600R is a wireless router from Taiwan-based TOTOLINK Electronics. TOTOLINK N600R has a command injection vulnerability, which originates from the "Main" function containing command injection, and can be exploited to execute arbitrary commands via the QUERYSTRING parameter...

CVSS 10 · AI score 4.6 · EPSS 0.0477
Exploits 1 · References 1

ATTACKERKB
added 2022/05/05 7:15 p.m. · 3 views

CVE-2022-27411

TOTOLINK N600R v5.3c.5507B20171031 was discovered to contain a command injection vulnerability via the QUERYSTRING parameter in the "Main" function...

CVSS 10 · AI score 5.9 · EPSS 0.0477
Exploits 1 · References 2

OSV
added 2022/05/05 7:15 p.m. · 2 views

CVE-2022-27411

TOTOLINK N600R v5.3c.5507B20171031 was discovered to contain a command injection vulnerability via the QUERYSTRING parameter in the "Main" function...

CVSS 9.8 · AI score 7.3
Exploits 0 · References 1

Prion
added 2022/05/05 7:15 p.m. · 24 views

Command injection

TOTOLINK N600R v5.3c.5507B20171031 was discovered to contain a command injection vulnerability via the QUERYSTRING parameter in the "Main" function...

CVSS 10 · AI score 9.8 · EPSS 0.0477
Exploits 1 · References 1 · Affected Software 1

CVE
added 2022/05/05 6:5 p.m. · 87 views

CVE-2022-27411

TOTOLINK N600R is affected by a command injection vulnerability in the Main function, exploitable via the QUERY_STRING parameter. The issue affects version 5.3c.5507_B20171031 and can allow remote command execution over the network without user interaction. Multiple connected sources corroborate ...

CVSS 10 · AI score 9.8 · EPSS 0.0477
Exploits 1 · References 1 · Affected Software 1

Cvelist
added 2022/05/05 6:5 p.m. · 19 views

CVE-2022-27411

TOTOLINK N600R v5.3c.5507B20171031 was discovered to contain a command injection vulnerability via the QUERYSTRING parameter in the "Main" function...

AI score 10 · EPSS 0.0477
Exploits 1 · References 1

Positive Technologies
added 2022/05/05 12:0 a.m. · 3 views

PT-2022-18408 · Totolink · Totolink N600R

Name of the Vulnerable Software and Affected Versions: TOTOLINK N600R version 5.3c.5507 B20171031 Description: A command injection issue was discovered via the QUERY STRING parameter in the Main function. This allows for potential exploitation. Recommendations: For TOTOLINK N600R version 5.3c.550...

CVSS 10 · AI score 9.6 · EPSS 0.0477
Exploits 1 · References 3