CVE-2025-43989

The /goform/formJsonAjaxReq POST endpoint of Shenzhen Tuoshi NR500-EA RG500UEAABxCOMSLICv3.4.2731.16.43 devices mishandles the settimesetting action with the ntpserver0 parameter, which is used in a system command. By setting a username=admin cookie bypassing normal session checks, an...

CVE-2025-43989

The /goform/formJsonAjaxReq POST endpoint of Shenzhen Tuoshi NR500-EA RG500UEAABxCOMSLICv3.4.2731.16.43 devices mishandles the settimesetting action with the ntpserver0 parameter, which is used in a system command. By setting a username=admin cookie bypassing normal session checks, an...

CVE-2025-43989

CVE-2025-43989 affects Shenzhen Tuoshi NR500-EA RG500UEAABxCOMSLIC firmware 3.4.2731.16.43. The /goform/formJsonAjaxReq POST endpoint mishandles set_timesetting with ntpserver0; setting a username=admin cookie bypasses session checks and allows an unauthenticated attacker to execute arbitrary OS ...

CVE-2025-43989

The /goform/formJsonAjaxReq POST endpoint of Shenzhen Tuoshi NR500-EA RG500UEAABxCOMSLICv3.4.2731.16.43 devices mishandles the settimesetting action with the ntpserver0 parameter, which is used in a system command. By setting a username=admin cookie bypassing normal session checks, an...

Tuoshi NR500-EA 安全漏洞

Tuoshi NR500-EA is a wireless router from Tuoshi China. A security vulnerability exists in the Tuoshi NR500-EA RG500UEAABxCOMSLICv3.4.2731.16.43, which stems from the incorrect operation of the parameter ntpserver0 in the settimesetting operation could lead to the execution of arbitrary commands...

CVE-2020-8007

The pwrstudio web application of EV Charger in the server in Circontrol Raption through 5.6.2 is vulnerable to OS command injection via three fields of the configuration menu for ntpserver0, ntpserver1, and pingip...

CVE-2020-8007

The pwrstudio web application of EV Charger in the server in Circontrol Raption through 5.6.2 is vulnerable to OS command injection via three fields of the configuration menu for ntpserver0, ntpserver1, and pingip...