49 matches found

CNVD
added 2026/04/09 12:0 a.m. | 7 views

TOTOLINK A3600R setNoticeCfg function command injection vulnerability

TOTOLINK A3600R is a 6-antenna 1200M wireless router from China's Gion Electronics TOTOLINK. A command injection vulnerability exists in TOTOLINK A3600R version 4.1.2cu.5182B20201102. The vulnerability stems from the failure of the function setNoticeCfg in the file /cgi-bin/cstecgi.cgi in the...

9.8 CVSS | 6.7 AI score | 0.02234 EPSS
Exploits: 1

RedhatCVE
added 2026/03/30 5:0 a.m. | 5 views

CVE-2026-5020

A vulnerability was detected in Totolink A3600R 4.1.2cu.5182B20201102. Affected by this issue is the function setNoticeCfg of the file /cgi-bin/cstecgi.cgi of the component Parameter Handler. The manipulation of the argument NoticeUrl results in command injection. The attack may be launched...

9.8 CVSS | 5.7 AI score | 0.02234 EPSS
Exploits: 1 | References: 1

NVD
added 2026/03/29 1:15 a.m. | 3 views

CVE-2026-5020

A vulnerability was detected in Totolink A3600R 4.1.2cu.5182B20201102. Affected by this issue is the function setNoticeCfg of the file /cgi-bin/cstecgi.cgi of the component Parameter Handler. The manipulation of the argument NoticeUrl results in command injection. The attack may be launched...

9.8 CVSS | 0.02234 EPSS
Exploits: 1 | References: 5

Cvelist
added 2026/03/29 12:30 a.m. | 32 views

CVE-2026-5020 Totolink A3600R Parameter cstecgi.cgi setNoticeCfg command injection

A vulnerability was detected in Totolink A3600R 4.1.2cu.5182B20201102. Affected by this issue is the function setNoticeCfg of the file /cgi-bin/cstecgi.cgi of the component Parameter Handler. The manipulation of the argument NoticeUrl results in command injection. The attack may be launched...

6.5 CVSS | 0.02234 EPSS
Exploits: 1 | References: 5

ATTACKERKB
added 2026/03/29 12:30 a.m. | 1 views

CVE-2026-5020

A vulnerability was detected in Totolink A3600R 4.1.2cu.5182B20201102. Affected by this issue is the function setNoticeCfg of the file /cgi-bin/cstecgi.cgi of the component Parameter Handler. The manipulation of the argument NoticeUrl results in command injection. The attack may be launched...

6.5 CVSS | 5.7 AI score | 0.02234 EPSS
Exploits: 1 | References: 5 | Affected Software: 1

Vulnrichment
added 2026/03/29 12:30 a.m. | 3 views

CVE-2026-5020 Totolink A3600R Parameter cstecgi.cgi setNoticeCfg command injection

A vulnerability was detected in Totolink A3600R 4.1.2cu.5182B20201102. Affected by this issue is the function setNoticeCfg of the file /cgi-bin/cstecgi.cgi of the component Parameter Handler. The manipulation of the argument NoticeUrl results in command injection. The attack may be launched...

6.5 CVSS | 6.5 AI score | 0.02234 EPSS
Exploits: 1 | References: 5

Positive Technologies
added 2026/03/29 12:0 a.m. | 3 views

PT-2026-28734

Name of the Vulnerable Software and Affected Versions: Totolink A3600R version 4.1.2cu.5182 B20201102. Description: A command injection issue exists in the setNoticeCfg function within the /cgi-bin/cstecgi.cgi file of the Parameter Handler component. Manipulation of the NoticeUrl argument can allow...

6.5 CVSS | 6.1 AI score | 0.02234 EPSS
Exploits: 1 | References: 11

EUVD
added 2025/10/03 8:7 p.m. | 3 views

EUVD-2025-12219

Malicious code in bioql PyPI...

7.3 CVSS | 6.6 AI score | 0.00331 EPSS
Exploits: 1 | References: 3

EUVD
added 2025/10/03 8:7 p.m. | 3 views

EUVD-2025-12217

Malicious code in bioql PyPI...

7.3 CVSS | 6.6 AI score | 0.00277 EPSS
Exploits: 1 | References: 2

EUVD
added 2025/10/03 8:7 p.m. | 2 views

EUVD-2025-14035

Malicious code in bioql PyPI...

9.8 CVSS | 6.5 AI score | 0.11815 EPSS
Exploits: 1 | References: 2

EUVD
added 2025/10/03 8:7 p.m. | 3 views

EUVD-2025-14036

Malicious code in bioql PyPI...

9.8 CVSS | 6.5 AI score | 0.01023 EPSS
Exploits: 1 | References: 2

VulnCheck KEV
added 2025/07/13 12:0 a.m. | 7 views

VulnCheck KEV: CVE-2025-28036

TOTOLINK A950RG V4.1.2cu.5161B20200903 was found to contain a pre-auth remote command execution vulnerability in the setNoticeCfg function through the NoticeUrl parameter...

9.8 CVSS | 6 AI score | 0.01052 EPSS
In wild | Exploits: 1 | References: 4

BDU FSTEC
added 2025/05/29 12:0 a.m. | 4 views

The vulnerability of the setNoticeCfg() function in the TOTOLink A950RG router’s firmware allows an intruder to execute arbitrary commands and gain full control over the device.

The vulnerability of the setNoticeCfg function in the TOTOLink A950RG router’s firmware lies in the lack of measures taken to clean up data at the control level when processing the IpTo parameter. Exploiting this vulnerability allows a remote attacker to execute arbitrary command...

10 CVSS | 6 AI score | 0.01023 EPSS
Exploits: 1 | References: 2 | Affected Software: 1

BDU FSTEC
added 2025/05/23 12:0 a.m. | 7 views

The vulnerability of the setNoticeCfg function in the Totolink-A810R router’s firmware allows a hacker to execute any command or cause a service failure.

The vulnerability of the setNoticeCfg function in the Totolink-A810R router firmware exists due to the failure to take measures to neutralize special elements used in the operating system commands. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands...

10 CVSS | 5.8 AI score | 0.10282 EPSS
Exploits: 1 | References: 4 | Affected Software: 1

RedhatCVE
added 2025/05/10 12:20 a.m. | 22 views

CVE-2025-45798

A command execution vulnerability exists in the TOTOLINK A950RG V4.1.2cu.5204B20210112. The vulnerability is located in the setNoticeCfg interface within the /lib/cstemodules/system.so library, specifically in the processing of the IpTo parameter...

9.8 CVSS | 7.2 AI score | 0.01023 EPSS
Exploits: 1 | References: 1

OSV
added 2025/05/08 8:15 p.m. | 3 views

CVE-2025-45798

A command execution vulnerability exists in the TOTOLINK A950RG V4.1.2cu.5204B20210112. The vulnerability is located in the setNoticeCfg interface within the /lib/cstemodules/system.so library, specifically in the processing of the IpTo parameter...

9.8 CVSS | 5.9 AI score | 0.01023 EPSS
Exploits: 1 | References: 1

NVD
added 2025/05/08 8:15 p.m. | 38 views

CVE-2025-45798

A command execution vulnerability exists in the TOTOLINK A950RG V4.1.2cu.5204B20210112. The vulnerability is located in the setNoticeCfg interface within the /lib/cstemodules/system.so library, specifically in the processing of the IpTo parameter...

9.8 CVSS | 0.01023 EPSS
Exploits: 1 | References: 1

Cvelist
added 2025/05/08 12:0 a.m. | 34 views

CVE-2025-45798

A command execution vulnerability exists in the TOTOLINK A950RG V4.1.2cu.5204B20210112. The vulnerability is located in the setNoticeCfg interface within the /lib/cstemodules/system.so library, specifically in the processing of the IpTo parameter...

0.01023 EPSS
Exploits: 1 | References: 1

CVE
added 2025/05/08 12:0 a.m. | 55 views

CVE-2025-45797

CVE-2025-45797 affects TOTOLINK A950RG (V4.1.2cu.5204_B20210112). The vulnerability is a buffer overflow in the setNoticeCfg interface’s NoticeUrl parameter validation within /lib/cste_modules/system.so, due to improper input length handling. Public sources describe potential arbitrary code execu...

9.8 CVSS | 7.7 AI score | 0.11815 EPSS
Exploits: 1 | References: 1 | Affected Software: 1

CNNVD
added 2025/05/08 12:0 a.m. | 3 views

TOTOLINK A950RG security vulnerability

The TOTOLINK A950RG is an ultra-generation Giga wireless router from China's Gion Electronics TOTOLINK. The TOTOLINK A950RG suffers from a command execution vulnerability that originates from the failure of the setNoticeCfg interface IpTo parameter in /lib/cstemodules/system.so to correctly filte...

9.8 CVSS | 7.6 AI score | 0.01023 EPSS
Exploits: 1 | References: 1