8 matches found
CVE-2022-37083
TOTOLINK A7000R V9.1.0u.6115B20201022 was discovered to contain a command injection vulnerability via the ip parameter at the function setDiagnosisCfg...
CVE-2024-2353
A vulnerability, which was classified as critical, has been found in Totolink X6000R 9.4.0cu.85220230719. This issue affects the function setDiagnosisCfg of the file /cgi-bin/cstecgi.cgi of the component shttpd. The manipulation of the argument ip leads to os command injection. The attack may be...
TOTOLINK LR1200GB 安全漏洞
The TOTOLINK LR1200GB is a wireless dual-band 4G LTE router from China's TOTOLINK Electronics TOTOLINK that supports 2.4GHz and 5GHz dual-band networks. The TOTOLINK LR1200GB suffers from a buffer overflow vulnerability hole, which originates from the ip parameter of the setDiagnosisCfg function ...
CVE-2024-0298
A vulnerability was found in Totolink N200RE 9.3.5u.6139B20201216. It has been classified as critical. Affected is the function setDiagnosisCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument ip leads to os command injection. It is possible to launch the attack remotely. The...
PT-2023-28825 · Totolink · Totolink X6000R
Name of the Vulnerable Software and Affected Versions: TOTOLINK X6000R versions V9.4.0cu.652 B20230116 through V9.4.0cu.852 B20230719 Description: The issue allows a remote attacker to execute arbitrary code via the IP parameter of the setDiagnosisCfg component. Recommendations: For versions...
TOTOLINK X6000R 安全漏洞
TOTOLINK X6000R is a wireless router from China's Gion Electronics TOTOLINK. The TOTOLINK X6000R suffers from a command execution vulnerability that stems from the IP parameter of the setDiagnosisCfg component failing to properly filter constructed command special characters, commands, and so on...
CVE-2023-36952
TOTOLINK CP300+ V5.2cu.7594B20200910 was discovered to contain a stack overflow via the pingIp parameter in the function setDiagnosisCfg...
CVE-2022-37083
TOTOLINK A7000R V9.1.0u.6115B20201022 was discovered to contain a command injection vulnerability via the ip parameter at the function setDiagnosisCfg...