25 matches found
EUVD-2026-31544
A weakness has been identified in Totolink A8000RU 7.1cu.643b20200521. The impacted element is the function setScheduleCfg of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. Executing a manipulation of the argument mode can lead to os command injection. It is possible to...
CVE-2025-12259
A flaw has been found in TOTOLINK A3300R 17.0.0cu.557B20221024. The affected element is the function setScheduleCfg of the file /cgi-bin/cstecgi.cgi of the component POST Parameter Handler. This manipulation of the argument recHour causes stack-based buffer overflow. It is possible to initiate th...
EUVD-2024-53498
Malicious code in bioql PyPI...
EUVD-2024-53497
Malicious code in bioql PyPI...
EUVD-2024-53493
Malicious code in bioql PyPI...
EUVD-2024-53496
Malicious code in bioql PyPI...
CVE-2024-57021
TOTOLINK X5000R V9.1.0cu.2350B20230313 was discovered to contain an OS command injection vulnerability via the "eHour" parameter in setWiFiScheduleCfg...
CVE-2024-57020
TOTOLINK X5000R V9.1.0cu.2350B20230313 was discovered to contain an OS command injection vulnerability via the "sMinute" parameter in setWiFiScheduleCfg...
CVE-2024-57011
TOTOLINK X5000R V9.1.0cu.2350B20230313 was discovered to contain an OS command injection vulnerability via the "minute" parameters in setScheduleCfg...
CVE-2024-57024
TOTOLINK X5000R V9.1.0cu.2350B20230313 was discovered to contain an OS command injection vulnerability via the "eMinute" parameter in setWiFiScheduleCfg...
CVE-2024-57020
TOTOLINK X5000R V9.1.0cu.2350B20230313 was discovered to contain an OS command injection vulnerability via the "sMinute" parameter in setWiFiScheduleCfg...
CVE-2024-57011
TOTOLINK X5000R V9.1.0cu.2350B20230313 was discovered to contain an OS command injection vulnerability via the "minute" parameters in setScheduleCfg...
CVE-2024-57021
TOTOLINK X5000R V9.1.0cu.2350B20230313 was discovered to contain an OS command injection vulnerability via the "eHour" parameter in setWiFiScheduleCfg...
CVE-2024-57012
TOTOLINK X5000R V9.1.0cu.2350B20230313 was discovered to contain an OS command injection vulnerability via the "week" parameter in setScheduleCfg...
TOTOLINK X5000R 安全漏洞
The TOTOLINK X5000R is a router from China's Gion Electronics TOTOLINK. The TOTOLINK X5000R suffers from a command injection vulnerability that stems from the "desc" parameter in setWiFiScheduleCfg failing to properly filter constructed command special characters, commands, etc. This vulnerabilit...
CVE-2024-57025
TOTOLINK X5000R (version 9.1.0cu.2350_B20230313) is affected by an OS command injection in the setWiFiScheduleCfg function, exploitable via the desc parameter. The issue stems from inadequate validation of command-related input, enabling arbitrary command execution. Several connected sources corr...
CVE-2024-57022
TOTOLINK X5000R V9.1.0cu.2350B20230313 was discovered to contain an OS command injection vulnerability via the "sHour" parameter in setWiFiScheduleCfg...
CVE-2024-57023
CVE-2024-57023 affects TOTOLINK X5000R (version 9.1.0cu.2350_B20230313). The issue is an OS command injection in the function setWiFiScheduleCfg, caused by improper filtering of special characters in the "week" parameter, enabling arbitrary command execution. Documented impact includes potential ...
CVE-2024-57015
TOTOLINK X5000R V9.1.0cu.2350B20230313 was discovered to contain an OS command injection vulnerability via the "hour" parameter in setScheduleCfg...
CVE-2024-57024
TOTOLINK X5000R V9.1.0cu.2350B20230313 was discovered to contain an OS command injection vulnerability via the "eMinute" parameter in setWiFiScheduleCfg...