Lucene search

19 matches found

EUVD
added 2025/10/03 8:7 p.m. · 2 views

EUVD-2024-30171

Malicious code in bioql PyPI...

9.8 CVSS · 9.2 AI score · 0.02093 EPSS
Exploits 1 · References 2

EUVD
added 2025/10/03 8:7 p.m. · 5 views

EUVD-2024-30173

Malicious code in bioql PyPI...

8 CVSS · 7.8 AI score · 0.01831 EPSS
Exploits 1 · References 2

BDU FSTEC
added 2025/02/19 12:0 a.m. · 2 views

The vulnerability of the setSSServer() function in the cstecgi.cgi script of the TOTOLINK X5000R router’s firmware allows an attacker to execute arbitrary commands.

The vulnerability in the setSSServer function of the cstecgi.cgi script in the TOTOLINK X5000R router’s software stems from a lack of input sanitization when processing parameters such as password, port, and timeout. Exploiting this vulnerability could allow an attacker to execu...

6.2 CVSS · 5.8 AI score · 0.01034 EPSS
Exploits 1 · References 2 · Affected Software 1

BDU FSTEC
added 2025/02/19 12:0 a.m. · 6 views

The vulnerability of the setSSServer() function in the cstecgi.cgi script of the TOTOLINK X5000R router’s firmware allows an attacker to execute arbitrary commands.

The vulnerability in the setSSServer function of the cstecgi.cgi script in the TOTOLINK X5000R router’s firmware stems from a lack of input sanitization when processing parameters such as password, port, and timeout. Exploiting this vulnerability allows a remote...

10 CVSS · 5.9 AI score · 0.02093 EPSS
Exploits 1 · References 2 · Affected Software 1

BDU FSTEC
added 2025/02/19 12:0 a.m. · 4 views

The vulnerability of the setSSServer() function in the cstecgi.cgi script of the TOTOLINK X5000R router’s firmware allows an attacker to execute arbitrary commands.

The vulnerability in the setSSServer function of the cstecgi.cgi script in the TOTOLINK X5000R router’s firmware stems from a lack of input sanitization when processing parameters such as password, port, and timeout. Exploiting this vulnerability allows a remote...

8 CVSS · 5.9 AI score · 0.01831 EPSS
Exploits 1 · References 2 · Affected Software 1

RedhatCVE
added 2025/02/14 5:50 a.m. · 21 views

CVE-2024-32354

TOTOLINK X5000R V9.1.0cu.2350B20230313 was discovered to contain a command injection vulnerability via the 'timeout' parameter in the setSSServer function at /cgi-bin/cstecgi.cgi...

6 CVSS · 7.9 AI score · 0.01034 EPSS
Exploits 1 · References 1

RedhatCVE
added 2025/02/14 5:49 a.m. · 16 views

CVE-2024-32355

TOTOLINK X5000R V9.1.0cu.2350B20230313 was discovered to contain a command injection vulnerability via the 'password' parameter in the setSSServer function...

8 CVSS · 7.8 AI score · 0.01831 EPSS
Exploits 1 · References 1

RedhatCVE
added 2025/02/14 5:48 a.m. · 6 views

CVE-2024-32353

TOTOLINK X5000R V9.1.0cu.2350B20230313 was discovered to contain a command injection vulnerability via the 'port' parameter in the setSSServer function at /cgi-bin/cstecgi.cgi...

9.8 CVSS · 7.9 AI score · 0.02093 EPSS
Exploits 1 · References 1

OSV
added 2024/05/14 4:17 p.m. · 1 views

CVE-2024-32353

TOTOLINK X5000R V9.1.0cu.2350B20230313 was discovered to contain a command injection vulnerability via the 'port' parameter in the setSSServer function at /cgi-bin/cstecgi.cgi...

9.8 CVSS · 5.8 AI score · 0.02093 EPSS
Exploits 1 · References 2

NVD
added 2024/05/14 4:17 p.m. · 12 views

CVE-2024-32353

TOTOLINK X5000R V9.1.0cu.2350B20230313 was discovered to contain a command injection vulnerability via the 'port' parameter in the setSSServer function at /cgi-bin/cstecgi.cgi...

9.8 CVSS · 7.6 AI score · 0.02093 EPSS
Exploits 1 · References 2

Cvelist
added 2024/05/14 4:0 p.m. · 15 views

CVE-2024-32355

TOTOLINK X5000R V9.1.0cu.2350B20230313 was discovered to contain a command injection vulnerability via the 'password' parameter in the setSSServer function...

7.8 AI score · 0.01831 EPSS
Exploits 1 · References 2

CVE
added 2024/05/14 4:0 p.m. · 60 views

CVE-2024-32355

CVE-2024-32355 affects TOTOLINK X5000R (firmware 9.1.0cu.2350_B20230313). The vulnerability is a command injection via the password parameter in the setSSServer function, enabling arbitrary command execution. Multiple sources describe the flaw and its origin in /cgi-bin/cstecgi.cgi handling; CVSS...

8 CVSS · 7.9 AI score · 0.01831 EPSS
Exploits 1 · References 2 · Affected Software 1

CVE
added 2024/05/14 3:59 p.m. · 64 views

CVE-2024-32354

CVE-2024-32354 affects TOTOLINK X5000R (version 9.1.0cu.2350_B20230313). A command injection flaw exists in the setSSServer function via the timeout parameter at /cgi-bin/cstecgi.cgi. Root cause: improper handling/validation of the timeout parameter leading to arbitrary command execution. Impact,...

6 CVSS · 7.9 AI score · 0.01034 EPSS
Exploits 1 · References 2 · Affected Software 1

CVE
added 2024/05/14 3:58 p.m. · 65 views

CVE-2024-32353

CVE-2024-32353 affects TOTOLINK X5000R firmware version 9.1.0cu.2350_B20230313. A command injection exists in the setSSServer API at /cgi-bin/cstecgi.cgi via the port parameter, caused by inadequate input filtering of command characters. Impact is high (arbitrary command execution) with CVSSv3.1:...

9.8 CVSS · 7.9 AI score · 0.02093 EPSS
Exploits 1 · References 2 · Affected Software 1

Positive Technologies
added 2024/05/13 12:0 a.m. · 4 views

PT-2024-24531 · Totolink · Totolink X5000R

Name of the Vulnerable Software and Affected Versions: TOTOLINK X5000R version 9.1.0cu.2350 B20230313 Description: A command injection issue was found in the setSSServer function via the timeout parameter at the "/cgi-bin/cstecgi.cgi" API endpoint. Recommendations: For TOTOLINK X5000R version...

6.2 CVSS · 7.4 AI score · 0.01034 EPSS
Exploits 1 · References 4

Positive Technologies
added 2024/05/13 12:0 a.m. · 4 views

PT-2024-24532 · Totolink · Totolink X5000R

Name of the Vulnerable Software and Affected Versions: TOTOLINK X5000R version 9.1.0cu.2350 B20230313 Description: A command injection issue was found, related to the setSSServer function, specifically via the password parameter. Recommendations: For TOTOLINK X5000R version 9.1.0cu.2350 B20230313...

8 CVSS · 7.8 AI score · 0.01831 EPSS
Exploits 1 · References 4

Positive Technologies
added 2024/05/13 12:0 a.m. · 3 views

PT-2024-24530 · Totolink · Totolink X5000R

Name of the Vulnerable Software and Affected Versions: TOTOLINK X5000R version 9.1.0cu.2350 B20230313 Description: A command injection issue was found via the port parameter in the setSSServer function at "/cgi-bin/cstecgi.cgi" API endpoint. Recommendations: For TOTOLINK X5000R version 9.1.0cu.23...

10 CVSS · 7.3 AI score · 0.02093 EPSS
Exploits 1 · References 4

Vulnrichment
added 1976/01/01 12:0 a.m. · 15 views

CVE-2024-32355

TOTOLINK X5000R V9.1.0cu.2350B20230313 was discovered to contain a command injection vulnerability via the 'password' parameter in the setSSServer function...

8 AI score · 0.01831 EPSS
Exploits 1 · References 2

Vulnrichment
added 1976/01/01 12:0 a.m. · 12 views

CVE-2024-32353

TOTOLINK X5000R V9.1.0cu.2350B20230313 was discovered to contain a command injection vulnerability via the 'port' parameter in the setSSServer function at /cgi-bin/cstecgi.cgi...

8 AI score · 0.02093 EPSS
Exploits 1 · References 2