CVE-2025-55893

TOTOLINK N200RE V9.3.5u.6437B20230519 is vulnerable to command Injection in setOpModeCfg via hostName...

CVE-2025-55893

TOTOLINK N200RE V9.3.5u.6437B20230519 is vulnerable to command Injection in setOpModeCfg via hostName...

CVE-2025-12258

A vulnerability was detected in TOTOLINK A3300R 17.0.0cu.557B20221024. Impacted is the function setOpModeCfg of the file /cgi-bin/cstecgi.cg of the component POST Parameter Handler. The manipulation of the argument opmode results in stack-based buffer overflow. The attack may be performed from...

PT-2025-43917

Name of the Vulnerable Software and Affected Versions TOTOLINK A3300R version 17.0.0cu.557 B20221024 Description A flaw exists in TOTOLINK A3300R that could lead to a stack-based buffer overflow. The issue is located in the setOpModeCfg function within the /cgi-bin/cstecgi.cg file, specifically...

EUVD-2025-24104

Malicious code in bioql PyPI...

CVE-2025-8822

A vulnerability has been found in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 up to 20250801. Affected is the function algDisable of the file /goform/setOpMode. The manipulation of the argument opMode leads to stack-based buffer overflow. It is possible to launch the attack remotely...

CVE-2025-8816

A vulnerability was determined in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 up to 20250801. Affected is the function setOpMode of the file /goform/setOpMode. The manipulation of the argument ethConv leads to stack-based buffer overflow. It is possible to launch the attack remotely...

The vulnerability of the setOpModeCfg() function in the cstecgi.cgi script of the Totolink N200RE router’s microprogramming system, which allows a hacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the setOpModeCfg function in the cstecgi.cgi script of the Totolink N200RE router’s microprogramming system is related to the issue of operations going beyond the buffer boundaries in memory when processing the pppoeUser parameter. Exploiting this vulnerability could allow an...

CVE-2024-0997

A vulnerability was found in Totolink N200RE 9.3.5u.6139B20201216 and classified as critical. Affected by this issue is the function setOpModeCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument pppoeUser leads to stack-based buffer overflow. The attack may be launched remotely...

TOTOLINK LR1200GB setOpModeCfg function buffer overflow vulnerability

The TOTOLINK LR1200GB is a wireless dual-band 4G LTE router from China's TOTOLINK Electronics TOTOLINK that supports 2.4GHz and 5GHz dual-band networks. The TOTOLINK LR1200GB suffers from a buffer overflow vulnerability that originates from the pppoeUser parameter of the setOpModeCfg function of...

CVE-2024-22663

TOTOLINKA3700RV9.1.2u.616520211012has a command Injection vulnerability via setOpModeCfg...

CVE-2023-51033

TOTOlink EX1200L V9.3.5u.6146B20201023 is vulnerable to arbitrary command execution via the cstecgi.cgi setOpModeCfg interface...

PT-2023-3896 · Totolink · Totolink Lr350

Name of the Vulnerable Software and Affected Versions: TOTOLINK LR350 version 9.3.5u.6369 B20220309 Description: The issue is related to a command injection vulnerability via the hostname parameter in the setOpModeCfg function. This vulnerability is associated with a lack of input data...

TOTOLINK X18 命令注入漏洞

The TOTOLINK X18 is a mesh router system from China's Gion Electronics TOTOLINK. A security vulnerability exists in TOTOLINK X18 version V9.1.0cu.2024B20220329, which originates from a command injection vulnerability via the hostname parameter in the setOpModeCfg function...

TOTOLINK LR350 setOpModeCfg function buffer overflow vulnerability

TOTOLINK LR350 is a 4G LTE router from China's Gion Electronics TOTOLINK that supports converting 4G signals to wired signals for home and office scenarios. A buffer overflow vulnerability exists in the TOTOLINK LR350. The vulnerability stems from a buffer overflow after authentication via the...

TOTOLINK LR350 缓冲区错误漏洞

TOTOLINK LR350 is a 4G LTE router from China's Gion Electronics TOTOLINK that supports converting 4G signals to wired signals for home and office scenarios. A buffer overflow vulnerability exists in the TOTOLINK LR350. The vulnerability stems from a buffer overflow after authentication via the...

CVE-2022-37079

TOTOLINK A7000R V9.1.0u.6115B20201022 was discovered to contain a command injection vulnerability via the hostName parameter in the function setOpModeCfg...

TOTOLINK A7000R 操作系统命令注入漏洞

The TOTOLINK A7000R is a wireless router from China's Gion Electronics TOTOLINK. An operating system command injection vulnerability exists in TOTOLINK A7000R version V9.1.0u.6115B20201022, which stems from a command injection issue in the hostName parameter of the setOpModeCfg method...