Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

28 matches found

NVD
NVDadded 2024/08/12 8:15 p.m.15 views

CVE-2024-42747

In TOTOLINK X5000r v9.1.0cu.2350b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command injection vulnerability in setWanIeCfg. Authenticated Attackers can send malicious packet to execute arbitrary commands...

8.8CVSS0.02019EPSS
Exploits1References1
OSV
OSVadded 2024/08/12 8:15 p.m.1 views

CVE-2024-42747

In TOTOLINK X5000r v9.1.0cu.2350b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command injection vulnerability in setWanIeCfg. Authenticated Attackers can send malicious packet to execute arbitrary commands...

8.8CVSS6AI score0.02019EPSS
Exploits1References1
CVE
CVEadded 2024/08/12 12:0 a.m.52 views

CVE-2024-42747

CVE-2024-42747 – TOTOLINK X5000r : A command-injection in /cgi-bin/cstecgi.cgi (setWanIeCfg) on TOTOLINK X5000r v9.1.0cu.2350_b20230313 allows authenticated attackers to execute arbitrary commands. The vulnerability stems from insufficient input validation in the affected function. Exploitation c...

8.8CVSS8.1AI score0.02019EPSS
Exploits1References1Affected Software1
Cvelist
Cvelistadded 2024/08/12 12:0 a.m.19 views

CVE-2024-42747

In TOTOLINK X5000r v9.1.0cu.2350b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command injection vulnerability in setWanIeCfg. Authenticated Attackers can send malicious packet to execute arbitrary commands...

0.02019EPSS
Exploits1References1
CNNVD
CNNVDadded 2024/08/12 12:0 a.m.2 views

TOTOLINK X5000R 安全漏洞

The TOTOLINK X5000R is a router from China's Gion Electronics TOTOLINK. A command injection vulnerability exists in TOTOLINK X5000R version v9.1.0cu.2350b20230313. The vulnerability stems from the setWanIeCfg method of /cgi-bin/cstecgi.cgi failing to properly filter constructed command special...

8.8CVSS7.7AI score0.02019EPSS
Exploits1References2
Positive Technologies
Positive Technologiesadded 2024/08/12 12:0 a.m.1 views

PT-2024-6505 · Totolink · Totolink X5000R

Name of the Vulnerable Software and Affected Versions: TOTOLINK X5000r version 9.1.0cu.2350 b20230313 Description: The issue is related to an OS command injection vulnerability in the setWanIeCfg function, located in the /cgi-bin/cstecgi.cgi file. This vulnerability can be exploited by...

9CVSS7.5AI score0.02019EPSS
Exploits1References7
NVD
NVDadded 2023/06/07 9:15 p.m.15 views

CVE-2023-33556

TOTOLink A7100RU V7.4cu.2313B20191024 was discovered to contain a command injection vulnerability via the staticGw parameter at /setting/setWanIeCfg...

9.8CVSS9.8AI score0.01402EPSS
Exploits1References1
OSV
OSVadded 2023/06/07 9:15 p.m.0 views

CVE-2023-33556

TOTOLink A7100RU V7.4cu.2313B20191024 was discovered to contain a command injection vulnerability via the staticGw parameter at /setting/setWanIeCfg...

9.8CVSS5.8AI score0.01402EPSS
Exploits1References1
Cvelist
Cvelistadded 2023/06/07 12:0 a.m.17 views

CVE-2023-33556

TOTOLink A7100RU V7.4cu.2313B20191024 was discovered to contain a command injection vulnerability via the staticGw parameter at /setting/setWanIeCfg...

10AI score0.01402EPSS
Exploits1References1
CVE
CVEadded 2023/06/07 12:0 a.m.47 views

CVE-2023-33556

CVE-2023-33556 affects TOTOLink A7100RU firmware version V7.4cu.2313_B20191024. The issue is a command injection via the staticGw parameter exposed at /setting/setWanIeCfg, caused by insufficient input sanitization. PT-2023-4271 summarizes this as a remote-code-execution vulnerability and recomme...

9.8CVSS9.7AI score0.01402EPSS
Exploits1References1Affected Software1
Positive Technologies
Positive Technologiesadded 2023/06/07 12:0 a.m.1 views

PT-2023-4271 · Totolink · Totolink A7100Ru

Name of the Vulnerable Software and Affected Versions: TOTOLink A7100RU version V7.4cu.2313 B20191024 Description: The issue is related to the lack of input data sanitization in the staticGw function of the TOTOLink A7100RU router's firmware. This allows a remote attacker to exploit the...

9.8CVSS7.8AI score0.01402EPSS
Exploits1References7
Prion
Prionadded 2023/04/07 4:15 a.m.11 views

Command injection

TOTOlink A7100RU V7.4cu.2313B20191024 was discovered to contain a command injection vulnerability via the pppoeAcName parameter at /setting/setWanIeCfg...

7.5CVSS9.8AI score0.14899EPSS
Exploits1References1Affected Software1
Cvelist
Cvelistadded 2023/04/07 12:0 a.m.16 views

CVE-2023-26978

TOTOlink A7100RU V7.4cu.2313B20191024 was discovered to contain a command injection vulnerability via the pppoeAcName parameter at /setting/setWanIeCfg...

10AI score0.14899EPSS
Exploits1References1
CNNVD
CNNVDadded 2023/04/07 12:0 a.m.2 views

TOTOLINK A7100RU 命令注入漏洞

The TOTOLINK A7100RU is a wireless router manufactured by China's Gion Electronics TOTOLINK, mainly used for home network connection. The TOTOLINK A7100RU suffers from a command injection vulnerability that originates from the pppoeAcName parameter of /setting/setWanIeCfg failing to correctly...

9.8CVSS7.8AI score0.14899EPSS
Exploits1References2
CVE
CVEadded 2023/04/07 12:0 a.m.66 views

CVE-2023-26978

CVE-2023-26978 affects TOTOLINK A7100RU (V7.4cu.2313_B20191024). The vulnerability is a command injection in the pppoeAcName parameter exposed via the /setting/setWanIeCfg endpoint. Root cause is improper handling/filtration of input leading to arbitrary command execution. Documents describe impa...

9.8CVSS9.7AI score0.14899EPSS
Exploits1References1Affected Software1
NVD
NVDadded 2023/03/28 11:15 p.m.13 views

CVE-2023-27232

TOTOlink A7100RU V7.4cu.2313B20191024 was discovered to contain a command injection vulnerability via the wanStrategy parameter at /setting/setWanIeCfg...

9.8CVSS9.8AI score0.05164EPSS
Exploits1References1
NVD
NVDadded 2023/03/28 10:15 p.m.11 views

CVE-2023-27231

TOTOlink A7100RU V7.4cu.2313B20191024 was discovered to contain a command injection vulnerability via the downBw parameter at /setting/setWanIeCfg...

9.8CVSS9.8AI score0.03607EPSS
Exploits1References1
OSV
OSVadded 2023/03/28 10:15 p.m.1 views

CVE-2023-27231

TOTOlink A7100RU V7.4cu.2313B20191024 was discovered to contain a command injection vulnerability via the downBw parameter at /setting/setWanIeCfg...

9.8CVSS7.3AI score
Exploits0References1
Prion
Prionadded 2023/03/28 10:15 p.m.14 views

Command injection

TOTOlink A7100RU V7.4cu.2313B20191024 was discovered to contain a command injection vulnerability via the downBw parameter at /setting/setWanIeCfg...

7.5CVSS9.8AI score0.03607EPSS
Exploits1References1Affected Software1
Prion
Prionadded 2023/03/28 10:15 p.m.10 views

Command injection

TOTOlink A7100RU V7.4cu.2313B20191024 was discovered to contain a command injection vulnerability via the upBw parameter at /setting/setWanIeCfg...

7.5CVSS9.8AI score0.04346EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder