Lucene search
+L

27 matches found

vulnrichment
vulnrichment
added 2025/10/06 8:2 a.m.3 views

CVE-2025-11327 Tenda AC18 SetUpnpCfg stack-based overflow

A security vulnerability has been detected in Tenda AC18 15.03.05.196318. This vulnerability affects unknown code of the file /goform/SetUpnpCfg. The manipulation of the argument upnpEn leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been...

9CVSS7.1AI score0.01147EPSS
Exploits1References5
cvelist
cvelist
added 2025/10/06 8:2 a.m.10 views

CVE-2025-11327 Tenda AC18 SetUpnpCfg stack-based overflow

A security vulnerability has been detected in Tenda AC18 15.03.05.196318. This vulnerability affects unknown code of the file /goform/SetUpnpCfg. The manipulation of the argument upnpEn leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been...

9CVSS0.01147EPSS
Exploits1References5
osv
osv
added 2025/04/16 5:15 a.m.2 views

CVE-2025-3667

A vulnerability was found in TOTOLINK A3700R 9.1.2u.5822B20200513. It has been classified as critical. This affects the function setUPnPCfg of the file /cgi-bin/cstecgi.cgi. The manipulation leads to improper access controls. It is possible to initiate the attack remotely. The exploit has been...

6.9CVSS5.4AI score0.00542EPSS
Exploits1References5
ptsecurity
ptsecurity
added 2025/04/15 12:0 a.m.5 views

PT-2025-16556 · Totolink · Totolink A3700R

Name of the Vulnerable Software and Affected Versions: TOTOLINK A3700R version 9.1.2u.5822 B20200513 Description: A critical issue affects the setUPnPCfg function of the file /cgi-bin/cstecgi.cgi, leading to improper access controls. The manipulation can be initiated remotely. The exploit has bee...

6.9CVSS5.2AI score0.00542EPSS
Exploits1References11
osv
osv
added 2024/08/12 8:15 p.m.5 views

CVE-2024-42745

In TOTOLINK X5000r v9.1.0cu.2350b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command injection vulnerability in setUPnPCfg. Authenticated Attackers can send malicious packet to execute arbitrary commands...

8.8CVSS6AI score0.01663EPSS
Exploits1References1
cnnvd
cnnvd
added 2024/08/12 12:0 a.m.4 views

TOTOLINK X5000R 操作系统命令注入漏洞

The TOTOLINK X5000R is a router from China's Gion Electronics TOTOLINK. A command injection vulnerability exists in TOTOLINK X5000R version v9.1.0cu.2350b20230313. The vulnerability stems from the setUPnPCfg method of /cgi-bin/cstecgi.cgi failing to properly filter constructed command special...

9.8CVSS7.7AI score0.01663EPSS
Exploits1References2
vulnrichment
vulnrichment
added 2024/08/12 12:0 a.m.21 views

CVE-2024-42745

In TOTOLINK X5000r v9.1.0cu.2350b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command injection vulnerability in setUPnPCfg. Authenticated Attackers can send malicious packet to execute arbitrary commands...

9.9AI score0.01663EPSS
Exploits1References1
Rows per page
Query Builder