CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

An issue in TOTOlink X6000R V9.4.0cu.852B20230719 allows a remote attacker to execute arbitrary code via the setTracerouteCfg function of the stecgi.cgi component...

9.8CVSS7.9AI score0.04647EPSS

Exploits1

RedhatCVE•added 2025/05/23 12:39 a.m.•3 views

CVE-2022-41523

TOTOLINK NR1800X V9.1.0u.6279B20210910 was discovered to contain an authenticated stack overflow via the command parameter in the setTracerouteCfg function...

8.8CVSS7.8AI score0.00389EPSS

Exploits1References1

RedhatCVE•added 2025/05/22 11:16 p.m.•2 views

CVE-2022-36487

TOTOLINK N350RT V9.3.5u.6139B20201216 was discovered to contain a command injection vulnerability via the command parameter in the function setTracerouteCfg...

7.8CVSS8AI score0.01274EPSS

Exploits1References1

CNVD•added 2024/08/26 12:0 a.m.•6 views

TOTOLINK AC1200 T8 setTracerouteCfg function buffer overflow vulnerability

The TOTOLINK AC1200 T8 is a dual-band full gigabit router from China's Gion Electronics TOTOLINK. A buffer overflow vulnerability exists in the TOTOLINK AC1200 T8 setTracerouteCfg function, which can be exploited by an attacker to submit a special request that can crash the service program or...

9.8CVSS7.9AI score0.0208EPSS

Exploits1References1

Prion•added 2024/01/11 9:15 a.m.•10 views

Command injection

TOTOlink A3700R v9.1.2u.5822B20200513 was discovered to contain a remote command execution RCE vulnerability via the setTracerouteCfg function...

7.5CVSS8AI score0.20554EPSS

Exploits1References1Affected Software1

Positive Technologies•added 2024/01/11 12:0 a.m.•1 views

PT-2024-14362 · Totolink · Totolink A3700R

Name of the Vulnerable Software and Affected Versions: TOTOlink A3700R version 9.1.2u.5822 B20200513 Description: The issue is related to a remote command execution RCE vulnerability. It can be exploited via the setTracerouteCfg function. Recommendations: For TOTOlink A3700R version 9.1.2u.5822...

9.8CVSS9.4AI score0.20554EPSS

Exploits1References4

Vulnrichment•added 2024/01/11 12:0 a.m.•1 views

CVE-2023-52028

TOTOlink A3700R v9.1.2u.5822B20200513 was discovered to contain a remote command execution RCE vulnerability via the setTracerouteCfg function...

9.7AI score0.20554EPSS

Exploits1References1

CNVD•added 2023/11/02 12:0 a.m.•11 views

TOTOLINK X6000R setTracerouteCfg function code execution vulnerability

TOTOLINK X6000R is a wireless router from China Gion Electronics that supports WiFi 6 technology with high concurrent connections and dual-band transmission. A code execution vulnerability exists in TOTOLINK X6000R. The vulnerability stems from the application failing to properly filter special...

9.8CVSS8.1AI score0.04647EPSS

Exploits1References1

Prion•added 2023/10/31 9:15 p.m.•18 views

Code injection

An issue in TOTOlink X6000R V9.4.0cu.852B20230719 allows a remote attacker to execute arbitrary code via the setTracerouteCfg function of the stecgi.cgi component...

7.5CVSS9.6AI score0.04647EPSS

Exploits1References1Affected Software1

Positive Technologies•added 2023/07/07 12:0 a.m.•3 views

PT-2023-25818 · Totolink · Totolink A3300R

Name of the Vulnerable Software and Affected Versions: TOTOLINK A3300R version 17.0.0cu.557 B20221024 Description: A command injection issue was found in the setTracerouteCfg function via the command parameter. Recommendations: For version 17.0.0cu.557 B20221024, consider disabling the...

9.8CVSS9.7AI score0.01523EPSS

Exploits1References2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by