Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

6 matches found

VulnCheck KEV
VulnCheck KEVadded 2025/10/09 12:0 a.m.12 views

VulnCheck KEV: CVE-2025-1829

A vulnerability was found in TOTOLINK X18 9.1.0cu.2024B20220329. It has been declared as critical. This vulnerability affects the function setMtknatCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument mtkhnatEnable leads to os command injection. The attack can be initiated...

8.8CVSS5.5AI score0.11413EPSS
In wildExploits1References3
BDU FSTEC
BDU FSTECadded 2025/03/27 12:0 a.m.5 views

The vulnerability of the sub_410C80() function in the cstecgi.cgi script of the TOTOLINK X18 router’s microprogramming system, which allows a hacker to execute arbitrary commands.

The vulnerability of the sub410C80 function in the cstecgi.cgi script of the TOTOLINK X18 router’s microprogramming system is related to the lack of data cleaning measures at the control level when processing the mtkhnatEnable parameter. Exploiting this vulnerability allows an attacker to execute...

6.5CVSS6.9AI score0.11413EPSS
Exploits1References5Affected Software1
CNVD
CNVDadded 2025/03/07 12:0 a.m.6 views

TOTOLINK X18 Command Injection Vulnerability

TOTOLINK X18 is a Gigabit router from China's Gion Electronics TOTOLINK. The TOTOLINK X18 suffers from a command injection vulnerability that stems from the mtkhnatEnable parameter of the setMtknatCfg function of the /cgi-bin/cstecgi.cgi file that does not filter command parameters. No details of...

8.8CVSS6.5AI score0.11413EPSS
Exploits1References1
OSV
OSVadded 2025/03/02 7:15 p.m.4 views

CVE-2025-1829

A vulnerability was found in TOTOLINK X18 9.1.0cu.2024B20220329. It has been declared as critical. This vulnerability affects the function setMtknatCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument mtkhnatEnable leads to os command injection. The attack can be initiated...

8.8CVSS5.6AI score
Exploits0References5
CNNVD
CNNVDadded 2025/03/02 12:0 a.m.2 views

TOTOLINK X18 安全漏洞

TOTOLINK X18 is a Gigabit router from China's Gion Electronics TOTOLINK. The TOTOLINK X18 suffers from a command injection vulnerability that stems from the mtkhnatEnable parameter of the setMtknatCfg function of the /cgi-bin/cstecgi.cgi file that does not filter command parameters. No details of...

8.8CVSS7.6AI score0.11413EPSS
Exploits1References2
Positive Technologies
Positive Technologiesadded 2025/02/21 12:0 a.m.6 views

PT-2025-9194

Name of the Vulnerable Software and Affected Versions TOTOLINK X18 version 9.1.0cu.2024 B20220329 Description A critical issue exists in the setMtknatCfg function within the /cgi-bin/cstecgi.cgi file of the TOTOLINK X18 device. Manipulation of the mtkhnatEnable argument can lead to operating syst...

8.8CVSS6.7AI score0.11413EPSS
Exploits1References14
Rows per page
Query Builder