CVE-2025-2097 TOTOLINK EX1800T cstecgi.cgi setRptWizardCfg stack-based overflow

A vulnerability, which was classified as critical, has been found in TOTOLINK EX1800T 9.1.0cu.2112B20220316. This issue affects the function setRptWizardCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument loginpass leads to stack-based buffer overflow. The attack may be initiat...

CVE-2023-51021

TOTOlink EX1800T v9.1.0cu.2112B20220316 is vulnerable to unauthorized arbitrary command execution in the ‘merge’ parameter of the setRptWizardCfg interface of the cstecgi .cgi...

CVE-2023-51021

TOTOlink EX1800T v9.1.0cu.2112B20220316 is vulnerable to unauthorized arbitrary command execution in the ‘merge’ parameter of the setRptWizardCfg interface of the cstecgi .cgi...

CVE-2023-51021

TOTOlink EX1800T v9.1.0cu.2112B20220316 is vulnerable to unauthorized arbitrary command execution in the ‘merge’ parameter of the setRptWizardCfg interface of the cstecgi .cgi...

TOTOLINK EX1800T 安全漏洞

The TOTOLINK EX1800T is a Wi-Fi range extender from China's Gion Electronics TOTOLINK. A command execution vulnerability exists in the TOTOLINK EX1800T setRptWizardCfg interface, which originates from the merge parameter of the cstecgi .cgi's setRptWizardCfg interface that fails to correctly filt...

CVE-2023-51021

CVE-2023-51021 affects TOTOLINK EX1800T (version 9.1.0cu.2112_B20220316). The vulnerability is an unauthorized arbitrary command execution in the merge parameter of the setRptWizardCfg interface of the cstecgi.cgi, caused by insufficient input filtering of constructed commands. Impact is high (pe...