Lucene search
K

26 matches found

Cvelist
Cvelist
added 2022/05/10 1:17 p.m.36 views

CVE-2022-28910

TOTOLink N600R V5.3c.7159B20190425 was discovered to contain a command injection vulnerability via the devicename parameter in /setting/setDeviceName...

10AI score0.02463EPSS
Exploits1References1
CVE
CVE
added 2022/05/10 1:16 p.m.99 views

CVE-2022-28905

TOTOLink N600R (versions including V5.3c.7159_B20190425) contains a command injection vulnerability reachable through the devicemac parameter in the /setting/setDeviceName API. The root cause is an unsafely handled input in the devicemac field, enabling arbitrary command execution on the device. ...

10CVSS9.8AI score0.02463EPSS
Exploits1References1Affected Software1
CNNVD
CNNVD
added 2022/05/10 12:0 a.m.4 views

TOTOLINK N600R 操作系统命令注入漏洞

TOTOLINK N600R is a wireless router from Taiwan-based TOTOLINK, China.A command injection vulnerability exists in TOTOLINK N600R, which can be exploited by attackers to conduct command injection attacks via the devicemac parameter in /setting/setDeviceName...

10CVSS8.5AI score0.02463EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2022/05/10 12:0 a.m.5 views

PT-2022-19305 · Totolink · Totolink N600R

Name of the Vulnerable Software and Affected Versions: TOTOLink N600R version V5.3c.7159 B20190425 Description: A command injection issue was found via the devicename parameter in the "/setting/setDeviceName" API endpoint. This allows for potential exploitation. Recommendations: For TOTOLink N600...

10CVSS9.5AI score0.02463EPSS
Exploits1References3
CNNVD
CNNVD
added 2022/05/10 12:0 a.m.3 views

TOTOLINK N600R 操作系统命令注入漏洞

TOTOLINK N600R is a wireless router from Taiwan-based TOTOLINK, which is vulnerable to a command injection attack via the devicename parameter in /etting/setDeviceName...

10CVSS8.5AI score0.02463EPSS
Exploits1References2
OSV
OSV
added 2022/03/15 10:15 p.m.3 views

CVE-2022-26212

Totolink A830R V5.9c.4729B20191112, A3100R V4.1.2cu.5050B20200504, A950RG V4.1.2cu.5161B20200903, A800R V4.1.2cu.5137B20200730, A3000RU V5.9c.5185B20201128, and A810R V4.1.2cu.5182B20201026 were discovered to contain a command injection vulnerability in the function setDeviceName, via the deviceM...

9.8CVSS7.5AI score0.02806EPSS
Exploits1References1
Rows per page
Query Builder