35 matches found
TOTOLINK LR350 命令注入漏洞
TOTOLINK LR350 is a wireless router from China Gion Electronics TOTOLINK. A security vulnerability exists in TOTOLINK LR350 version V9.3.5u.6369B20220309. An attacker can exploit this vulnerability to conduct a command injection attack via the FileName parameter of the setUploadSetting method...
CVE-2023-37149
TOTOLINK LR350 firmware version V9.3.5u.6369_B20220309 contains a command injection vulnerability in the setUploadSetting function, exploitable via the FileName parameter. CVSSv3.1: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H, base score 9.8 (CRITICAL). Impacts confidentiality, integrity, and availabilit...
CVE-2023-37149
TOTOLINK LR350 V9.3.5u.6369B20220309 was discovered to contain a command injection vulnerability via the FileName parameter in the setUploadSetting function...
CVE-2023-37149
TOTOLINK LR350 V9.3.5u.6369B20220309 was discovered to contain a command injection vulnerability via the FileName parameter in the setUploadSetting function...
CVE-2022-44252
TOTOLINK NR1800X V9.1.0u.6279B20210910 contains a command injection via the FileName parameter in the setUploadSetting function...
Command injection
TOTOLINK NR1800X V9.1.0u.6279B20210910 contains a command injection via the FileName parameter in the setUploadSetting function...
TOTOLINK NR1800X 操作系统命令注入漏洞
TOTOLINK NR1800X is a 5G NR indoor Wi-Fi and SIP CPE broadband access device from China's Gion Electronics TOTOLINK, which is mainly used for the deployment of NR fixed data services in homes and offices to support 5G NR network connectivity. A command injection vulnerability exists in the TOTOLI...
TOTOLINK N600R Command Injection Vulnerability (CNVD-2022-53557)
TOTOLINK N600R is a wireless router from Taiwan-based TOTOLINK, which is vulnerable to a command injection attack via the filename parameter in /setting/setUploadSetting...
PT-2022-19308 · Totolink · Totolink N600R
Name of the Vulnerable Software and Affected Versions: TOTOLink N600R version V5.3c.7159 B20190425 Description: A command injection issue was found via the filename parameter in the "/setting/setUploadSetting" API endpoint. This allows for potential command execution. No information is provided...
TOTOLINK N600R 操作系统命令注入漏洞
TOTOLINK N600R is a wireless router from Taiwan-based TOTOLINK, which is vulnerable to a command injection attack via the filename parameter in /setting/setUploadSetting...
CVE-2022-26209
Totolink A830R V5.9c.4729B20191112, A3100R V4.1.2cu.5050B20200504, A950RG V4.1.2cu.5161B20200903, A800R V4.1.2cu.5137B20200730, A3000RU V5.9c.5185B20201128, and A810R V4.1.2cu.5182B20201026 were discovered to contain a command injection vulnerability in the function setUploadSetting, via the...
CVE-2022-26209
Totolink A830R V5.9c.4729B20191112, A3100R V4.1.2cu.5050B20200504, A950RG V4.1.2cu.5161B20200903, A800R V4.1.2cu.5137B20200730, A3000RU V5.9c.5185B20201128, and A810R V4.1.2cu.5182B20201026 were discovered to contain a command injection vulnerability in the function setUploadSetting, via the...
Command injection
Totolink A830R V5.9c.4729B20191112, A3100R V4.1.2cu.5050B20200504, A950RG V4.1.2cu.5161B20200903, A800R V4.1.2cu.5137B20200730, A3000RU V5.9c.5185B20201128, and A810R V4.1.2cu.5182B20201026 were discovered to contain a command injection vulnerability in the function setUploadSetting, via the...
CVE-2022-26209
Totolink A830R V5.9c.4729B20191112, A3100R V4.1.2cu.5050B20200504, A950RG V4.1.2cu.5161B20200903, A800R V4.1.2cu.5137B20200730, A3000RU V5.9c.5185B20201128, and A810R V4.1.2cu.5182B20201026 were discovered to contain a command injection vulnerability in the function setUploadSetting, via the...
PT-2022-17724 · Totolink · Totolink A810R +5
Name of the Vulnerable Software and Affected Versions: Totolink A830R version 5.9c.4729 B20191112 Totolink A3100R version 4.1.2cu.5050 B20200504 Totolink A950RG version 4.1.2cu.5161 B20200903 Totolink A800R version 4.1.2cu.5137 B20200730 Totolink A3000RU version 5.9c.5185 B20201128 Totolink A810R...