Lucene search
K

229 matches found

CNNVD
CNNVD
added 2024/01/11 12:0 a.m.5 views

TOTOLINK A3700R 安全漏洞

The TOTOLINK A3700R is a wireless router from China's Gion Electronics TOTOLINK. A command injection vulnerability exists in TOTOLINK A3700R v9.1.2u.5822B20200513, which stems from the NTPSyncWithHost method failing to properly filter construct command special characters, commands, and so on. An...

9.8CVSS7.8AI score0.01668EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2024/01/11 12:0 a.m.22 views

CVE-2023-52027

TOTOlink A3700R v9.1.2u.5822B20200513 was discovered to contain a remote command execution RCE vulnerability via the NTPSyncWithHost function...

7.7AI score0.01668EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2024/01/11 12:0 a.m.6 views

PT-2024-14361 · Totolink · Totolink A3700R

Name of the Vulnerable Software and Affected Versions: TOTOlink A3700R version 9.1.2u.5822 B20200513 Description: The issue is related to a remote command execution RCE vulnerability. It can be exploited via the NTPSyncWithHost function. Recommendations: For version 9.1.2u.5822 B20200513, conside...

9.8CVSS9.5AI score0.01668EPSS
Exploits1References5
CVE
CVE
added 2024/01/11 12:0 a.m.47 views

CVE-2023-52027

CVE-2023-52027 affects TOTOLINK A3700R (v9.1.2u.5822_B20200513). The NTPSyncWithHost function allows remote command execution due to insufficient filtering of constructed commands, enabling arbitrary commands to be run by an attacker with network access. Public sources corroborate RCE via NTPSync...

9.8CVSS9.6AI score0.01668EPSS
Exploits1References1Affected Software1
OSV
OSV
added 2024/01/08 4:15 a.m.5 views

CVE-2024-0296

A vulnerability has been found in Totolink N200RE 9.3.5u.6139B20201216 and classified as critical. This vulnerability affects the function NTPSyncWithHost of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument hosttime leads to os command injection. The attack can be initiated remotel...

9.8CVSS5.6AI score0.03834EPSS
Exploits1References3
NVD
NVD
added 2024/01/08 4:15 a.m.19 views

CVE-2024-0296

A vulnerability has been found in Totolink N200RE 9.3.5u.6139B20201216 and classified as critical. This vulnerability affects the function NTPSyncWithHost of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument hosttime leads to os command injection. The attack can be initiated remotel...

9.8CVSS8.2AI score0.03834EPSS
Exploits1References3
Prion
Prion
added 2024/01/08 4:15 a.m.21 views

Command injection

A vulnerability has been found in Totolink N200RE 9.3.5u.6139B20201216 and classified as critical. This vulnerability affects the function NTPSyncWithHost of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument hosttime leads to os command injection. The attack can be initiated remotel...

7.5CVSS7.6AI score0.03834EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2024/01/08 4:0 a.m.17 views

CVE-2024-0296 Totolink N200RE cstecgi.cgi NTPSyncWithHost os command injection

A vulnerability has been found in Totolink N200RE 9.3.5u.6139B20201216 and classified as critical. This vulnerability affects the function NTPSyncWithHost of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument hosttime leads to os command injection. The attack can be initiated remotel...

7.5CVSS10AI score0.03834EPSS
Exploits1References3
CVE
CVE
added 2024/01/08 4:0 a.m.55 views

CVE-2024-0296

Totolink N200RE v9.3.5u.6139_B20201216 is affected by OS command injection in the NTPSyncWithHost function of /cgi-bin/cstecgi.cgi. The vulnerability stems from improper handling of the host_time parameter, enabling remote command execution. Public exploit/disclosure exists. Affected product: Tot...

9.8CVSS9.7AI score0.03834EPSS
Exploits1References3Affected Software1
CNNVD
CNNVD
added 2024/01/08 12:0 a.m.4 views

TOTOLINK N200RE 操作系统命令注入漏洞

The TOTOLINK N200RE is a router from China's Gion Electronics TOTOLINK. An operating system command injection vulnerability exists in the TOTOLINK N200RE version 9.3.5u.6139B20201216, which stems from a failure to properly filter the hosttime parameter of the NTPSyncWithHost function on the...

9.8CVSS7.8AI score0.03834EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2024/01/07 12:0 a.m.4 views

PT-2024-1061 · Totolink · Totolink N200Re

Name of the Vulnerable Software and Affected Versions: Totolink N200RE version 9.3.5u.6139 B20201216 Description: A critical issue has been identified in the function NTPSyncWithHost of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument host time leads to os command injection. This...

10CVSS7.7AI score0.03834EPSS
Exploits1References9
CNVD
CNVD
added 2024/01/03 12:0 a.m.8 views

TOTOLINK EX1800T NTPSyncWithHost Interface Command Execution Vulnerability

The TOTOLINK EX1800T is a Wi-Fi range extender from China's Gion Electronics TOTOLINK. A command execution vulnerability exists in the TOTOLINK EX1800T version v9.1.0cu.2112B20220316. The vulnerability stems from the hosttime parameter of the NTPSyncWithHost interface of cstecgi .cgi failing to...

9.8CVSS7.1AI score0.0097EPSS
Exploits1References1
CNVD
CNVD
added 2024/01/03 12:0 a.m.2 views

TOTOLINK EX1200L NTPSyncWithHost Interface Command Execution Vulnerability

TOTOLINK EX1200L is a dual-band wireless signal booster, mainly used to extend Wi-Fi coverage in home or office environments, solving the problem of weak signals or dead spots. The TOTOLINK EX1200L suffers from a command execution vulnerability that stems from the NTPSyncWithHost interface of...

9.8CVSS7.4AI score0.01297EPSS
Exploits1References1
BDU FSTEC
BDU FSTEC
added 2024/01/02 12:0 a.m.8 views

The vulnerability of the NTPSyncWithHost interface of the TOTOlink EX1800T Wi-Fi range extender software allows a intruder to execute arbitrary commands.

The vulnerability of the NTPSyncWithHost interface of the TOTOlink EX1800T Wi-Fi extension software exists due to the failure to eliminate the special elements used in the operating system’s command set. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands using th...

10CVSS8.1AI score0.0097EPSS
Exploits1References3Affected Software1
ATTACKERKB
ATTACKERKB
added 2023/12/22 7:15 p.m.3 views

CVE-2023-51035

TOTOLINK EX1200L V9.3.5u.6146B20201023 is vulnerable to arbitrary command execution on the cstecgi.cgi NTPSyncWithHost interface...

9.8CVSS6.1AI score0.01297EPSS
Exploits1References2
NVD
NVD
added 2023/12/22 7:15 p.m.20 views

CVE-2023-51035

TOTOLINK EX1200L V9.3.5u.6146B20201023 is vulnerable to arbitrary command execution on the cstecgi.cgi NTPSyncWithHost interface...

9.8CVSS0.01297EPSS
Exploits1References1
OSV
OSV
added 2023/12/22 7:15 p.m.7 views

CVE-2023-51035

TOTOLINK EX1200L V9.3.5u.6146B20201023 is vulnerable to arbitrary command execution on the cstecgi.cgi NTPSyncWithHost interface...

9.8CVSS6AI score0.01297EPSS
Exploits1References1
Prion
Prion
added 2023/12/22 7:15 p.m.30 views

Design/Logic Flaw

TOTOLINK EX1200L V9.3.5u.6146B20201023 is vulnerable to arbitrary command execution on the cstecgi.cgi NTPSyncWithHost interface...

7.5CVSS7.5AI score0.01297EPSS
Exploits1References1Affected Software1
OSV
OSV
added 2023/12/22 6:15 p.m.5 views

CVE-2023-51023

TOTOlink EX1800T v9.1.0cu.2112B20220316 is vulnerable to arbitrary command execution in the ‘hosttime’ parameter of the NTPSyncWithHost interface of the cstecgi .cgi...

9.8CVSS6AI score0.0097EPSS
Exploits1References1
NVD
NVD
added 2023/12/22 6:15 p.m.23 views

CVE-2023-51023

TOTOlink EX1800T v9.1.0cu.2112B20220316 is vulnerable to arbitrary command execution in the ‘hosttime’ parameter of the NTPSyncWithHost interface of the cstecgi .cgi...

9.8CVSS0.0097EPSS
Exploits1References1
Rows per page
Query Builder