Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

NVD
NVDadded 2026/04/27 4:16 p.m.1 views

CVE-2026-7138

A vulnerability was detected in Totolink A8000RU 7.1cu.643b20200521. This vulnerability affects the function setNtpCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The manipulation of the argument tz results in os command injection. The attack can be executed remotely. The explo...

10CVSS0.01221EPSS
Exploits0References5
NVD
NVDadded 2026/04/06 11:16 p.m.2 views

CVE-2026-5689

A vulnerability was detected in Totolink A7100RU 7.4cu.2313b20191024. The affected element is the function setNtpCfg of the file /cgi-bin/cstecgi.cgi. Performing a manipulation of the argument tz results in os command injection. Remote exploitation of the attack is possible. The exploit is now...

7.5CVSS0.01153EPSS
Exploits0References5
Positive Technologies
Positive Technologiesadded 2026/04/06 12:0 a.m.3 views

PT-2026-30750

A vulnerability was detected in Totolink A7100RU 7.4cu.2313 b20191024. The affected element is the function setNtpCfg of the file /cgi-bin/cstecgi.cgi. Performing a manipulation of the argument tz results in os command injection. Remote exploitation of the attack is possible. The exploit is now...

7.5CVSS6.9AI score0.01153EPSS
Exploits0References6
RedhatCVE
RedhatCVEadded 2025/05/23 9:43 a.m.3 views

CVE-2024-23057

TOTOLINK A3300R V17.0.0cu.557B20221024 was discovered to contain a command injection vulnerability via the tz parameter in the setNtpCfg function...

9.8CVSS7.9AI score0.0313EPSS
Exploits1References1
Vulnrichment
Vulnrichmentadded 2024/01/11 12:0 a.m.22 views

CVE-2024-23057

TOTOLINK A3300R V17.0.0cu.557B20221024 was discovered to contain a command injection vulnerability via the tz parameter in the setNtpCfg function...

8AI score0.0313EPSS
Exploits1References1
Cvelist
Cvelistadded 2024/01/11 12:0 a.m.13 views

CVE-2024-23057

TOTOLINK A3300R V17.0.0cu.557B20221024 was discovered to contain a command injection vulnerability via the tz parameter in the setNtpCfg function...

10AI score0.0313EPSS
Exploits1References1
Positive Technologies
Positive Technologiesadded 2024/01/11 12:0 a.m.3 views

PT-2024-19648 · Totolink · Totolink A3300R

Name of the Vulnerable Software and Affected Versions: TOTOLINK A3300R version V17.0.0cu.557 B20221024 Description: A command injection issue was discovered via the tz parameter in the setNtpCfg function, allowing for potential exploitation. Recommendations: For TOTOLINK A3300R version...

9.8CVSS7.6AI score0.0313EPSS
Exploits1References4
CNVD
CNVDadded 2022/03/17 12:0 a.m.22 views

Totolink X5000R Command Injection Vulnerability

Totolink X5000R is a router from China-based Jion Electronics Totolink. a command injection vulnerability exists in Totolink X5000R v9.1.0u.6118B20201102, which stems from a failure of the tz parameter in the setNtpCfg function to properly filter the special element of the constructed command. An...

9.8CVSS3.9AI score0.31512EPSS
Exploits1References1
Rows per page
Query Builder