6 matches found
CVE-2025-2094
A vulnerability was found in TOTOLINK EX1800T 9.1.0cu.2112B20220316. It has been rated as critical. Affected by this issue is the function setWiFiExtenderConfig of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument apcliKey/key leads to os command injection. The attack may be launche...
TOTOLINK EX200 setWiFiExtenderConfig method key parameter cross-site scripting vulnerability
TOTOLINK EX200 is a 2.4GHz wireless N range extender launched by China Gion Electronics, which is mainly used to extend the coverage of the existing Wi-Fi network and solve the problem of signal blind zones. TOTOLINK EX200 suffers from a cross-site scripting vulnerability, which stems from the la...
CVE-2024-32326
TOTOLINK EX200 V4.0.3c.7646B20201211 contains a Cross-site scripting XSS vulnerability through the key parameter in the setWiFiExtenderConfig function...
CVE-2024-32325
TOTOLINK EX200 V4.0.3c.7646B20201211 contains a Cross-site scripting XSS vulnerability through the ssid parameter in the setWiFiExtenderConfig function...
CVE-2023-51028
TOTOLINK EX1800T 9.1.0cu.2112B20220316 is vulnerable to unauthorized arbitrary command execution in the apcliChannel parameter of the setWiFiExtenderConfig interface of the cstecgi.cgi...
PT-2023-31742 · Totolink · Totolink Ex1800T
Name of the Vulnerable Software and Affected Versions: TOTOlink EX1800T version 9.1.0cu.2112 B20220316 Description: The issue concerns unauthorized arbitrary command execution. It is related to the apcliAuthMode parameter in the "setWiFiExtenderConfig" interface of the "cstecgi .cgi"...