Lucene search
K

70 matches found

Positive Technologies
Positive Technologies
added 2026/05/25 12:0 a.m.14 views

PT-2026-43091

A vulnerability was identified in Totolink A8000RU 7.1cu.643 b20200521. This vulnerability affects the function setPasswordCfg of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. Such manipulation of the argument admpass leads to os command injection. The attack can be...

10CVSS7.1AI score0.01909EPSS
Exploits0References5
NVD
NVD
added 2026/04/13 6:16 p.m.12 views

CVE-2026-6195

A security vulnerability has been detected in Totolink A7100RU 7.4cu.2313b20191024. Affected by this issue is the function setPasswordCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Such manipulation of the argument admpass leads to os command injection. The attack can be...

10CVSS0.14277EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/04/13 5:30 p.m.5 views

CVE-2026-6195 Totolink A7100RU CGI cstecgi.cgi setPasswordCfg os command injection

A security vulnerability has been detected in Totolink A7100RU 7.4cu.2313b20191024. Affected by this issue is the function setPasswordCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Such manipulation of the argument admpass leads to os command injection. The attack can be...

10CVSS5.6AI score0.14277EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/04/13 5:30 p.m.5 views

CVE-2026-6195

A security vulnerability has been detected in Totolink A7100RU 7.4cu.2313b20191024. Affected by this issue is the function setPasswordCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Such manipulation of the argument admpass leads to os command injection. The attack can be...

10CVSS5.6AI score0.14277EPSS
Exploits0References5Affected Software1
CVE
CVE
added 2026/04/13 5:30 p.m.24 views

CVE-2026-6195

Totolink A7100RU (firmware 7.4cu.2313_b20191024) is affected by a vulnerability in CGI Handler’s /cgi-bin/cstecgi.cgi setPasswordCfg. Manipulating the admpass argument enables os command injection and can be exploited remotely. The exploit is publicly disclosed. No additional technical details (e...

10CVSS7AI score0.14277EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/04/13 12:0 a.m.9 views

PT-2026-32489

Name of the Vulnerable Software and Affected Versions Totolink A7100RU version 7.4cu.2313 b20191024 Description A security issue in the CGI Handler component allows for remote OS command injection. The problem exists in the setPasswordCfg function within the '/cgi-bin/cstecgi.cgi' file. An...

10CVSS7.4AI score0.14277EPSS
Exploits0References10
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-28223

Malicious code in bioql PyPI...

9.8CVSS9.2AI score0.0192EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 4:59 a.m.7 views

CVE-2023-51025

TOTOlink EX1800T V9.1.0cu.2112B20220316 is vulnerable to an unauthorized arbitrary command execution in the ‘admuser’ parameter of the setPasswordCfg interface of the cstecgi .cgi...

9.8CVSS7.2AI score0.01049EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/05/23 4:3 a.m.4 views

CVE-2023-37171

TOTOLINK A3300R V17.0.0cu.557B20221024 was discovered to contain a command injection vulnerability via the admuser parameter in the setPasswordCfg function...

9.8CVSS8AI score0.01674EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/05/23 3:20 a.m.4 views

CVE-2023-24160

TOTOLINK CA300-PoE V6.2c.884 was discovered to contain a command injection vulnerability via the admuser parameter in the setPasswordCfg function...

9.8CVSS8AI score0.0192EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 1:54 a.m.9 views

CVE-2023-24159

TOTOLINK CA300-PoE V6.2c.884 was discovered to contain a command injection vulnerability via the admpass parameter in the setPasswordCfg function...

9.8CVSS8AI score0.0192EPSS
Exploits1References1
BDU FSTEC
BDU FSTEC
added 2025/03/25 12:0 a.m.7 views

The vulnerability of the setPasswordCfg() function in the microprogramming software for TOTOLINK CA300-PoE allows a hacker to execute arbitrary commands.

The vulnerability of the setPasswordCfg function in the TOTOLINK CA300-PoE router’s microprogramming software is related to the lack of measures taken to clean data at the management level when processing the admpass parameter. Exploiting this vulnerability allows a remote attacker to execute...

10CVSS8.1AI score0.0192EPSS
Exploits1References2Affected Software1
CNVD
CNVD
added 2025/03/19 12:0 a.m.2 views

TOTOLINK EX1800T setPasswordCfg function buffer overflow vulnerability

The TOTOLINK EX1800T is a Wi-Fi range extender from China's Gion Electronics TOTOLINK. The TOTOLINK EX1800T suffers from a buffer overflow vulnerability that stems from the setPasswordCfg function failing to properly validate the length and size of the input data, which can be exploited by an...

9.8CVSS9.2AI score0.01001EPSS
Exploits1References1
Cvelist
Cvelist
added 2025/03/17 8:31 a.m.23 views

CVE-2025-2369 TOTOLINK EX1800T cstecgi.cgi setPasswordCfg stack-based overflow

A vulnerability was found in TOTOLINK EX1800T up to 9.1.0cu.2112B20220316. It has been classified as critical. Affected is the function setPasswordCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument admpass leads to stack-based buffer overflow. It is possible to launch the atta...

9CVSS0.01001EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2025/03/17 8:31 a.m.11 views

CVE-2025-2369 TOTOLINK EX1800T cstecgi.cgi setPasswordCfg stack-based overflow

A vulnerability was found in TOTOLINK EX1800T up to 9.1.0cu.2112B20220316. It has been classified as critical. Affected is the function setPasswordCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument admpass leads to stack-based buffer overflow. It is possible to launch the atta...

9CVSS8.9AI score0.01001EPSS
Exploits1References5
CNNVD
CNNVD
added 2025/03/17 12:0 a.m.2 views

TOTOLINK EX1800T 安全漏洞

The TOTOLINK EX1800T is a Wi-Fi range extender from China's Gion Electronics TOTOLINK. The TOTOLINK EX1800T suffers from a buffer overflow vulnerability that stems from the setPasswordCfg function failing to properly validate the length and size of the input data, which can be exploited by an...

9.8CVSS8.1AI score0.01001EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2025/03/17 12:0 a.m.5 views

PT-2025-11462 · Totolink · Totolink Ex1800T

Name of the Vulnerable Software and Affected Versions: TOTOLINK EX1800T versions 9.1.0cu.2112 B20220316 and earlier Description: A critical issue has been found in the TOTOLINK EX1800T, affecting the function setPasswordCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument admpas...

9.8CVSS8.7AI score0.01001EPSS
Exploits1References17
BDU FSTEC
BDU FSTEC
added 2025/03/03 12:0 a.m.3 views

The vulnerability of the setPasswordCfg function in the TOTOLINK X18 router microprogramming software allows a hacker to execute arbitrary code.

The vulnerability of the setPasswordCfg function in the TOTOLINK X18 router microprogramming system lies in the reading of data beyond the buffer in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

9CVSS8.2AI score0.14286EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2025/02/16 2:15 p.m.3 views

CVE-2025-1340

A vulnerability classified as critical has been found in TOTOLINK X18 9.1.0cu.2024B20220329. Affected is the function setPasswordCfg of the file /cgi-bin/cstecgi.cgi. The manipulation as part of String leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit...

8.7CVSS6.3AI score
Exploits0References5
Positive Technologies
Positive Technologies
added 2025/02/16 12:0 a.m.4 views

PT-2025-6883 · Totolink · Totolink X18

Name of the Vulnerable Software and Affected Versions: TOTOLINK X18 version 9.1.0cu.2024 B20220329 Description: A critical vulnerability has been found in the setPasswordCfg function of the file /cgi-bin/cstecgi.cgi. The manipulation as part of String leads to a stack-based buffer overflow. It is...

9CVSS8.8AI score0.14286EPSS
Exploits0References18
Rows per page
Query Builder