CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

16 matches found

Cvelist•added 2024/08/12 12:0 a.m.•19 views

CVE-2024-42747

In TOTOLINK X5000r v9.1.0cu.2350b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command injection vulnerability in setWanIeCfg. Authenticated Attackers can send malicious packet to execute arbitrary commands...

0.02019EPSS

Exploits1References1

CVE•added 2024/08/12 12:0 a.m.•56 views

CVE-2024-42747

CVE-2024-42747 – TOTOLINK X5000r : A command-injection in /cgi-bin/cstecgi.cgi (setWanIeCfg) on TOTOLINK X5000r v9.1.0cu.2350_b20230313 allows authenticated attackers to execute arbitrary commands. The vulnerability stems from insufficient input validation in the affected function. Exploitation c...

8.8CVSS8.1AI score0.02019EPSS

Exploits1References1Affected Software1

CNNVD•added 2024/08/12 12:0 a.m.•2 views

TOTOLINK X5000R 安全漏洞

The TOTOLINK X5000R is a router from China's Gion Electronics TOTOLINK. A command injection vulnerability exists in TOTOLINK X5000R version v9.1.0cu.2350b20230313. The vulnerability stems from the setWanIeCfg method of /cgi-bin/cstecgi.cgi failing to properly filter constructed command special...

8.8CVSS7.7AI score0.02019EPSS

Exploits1References2

NVD•added 2023/06/07 9:15 p.m.•15 views

CVE-2023-33556

TOTOLink A7100RU V7.4cu.2313B20191024 was discovered to contain a command injection vulnerability via the staticGw parameter at /setting/setWanIeCfg...

9.8CVSS9.8AI score0.05193EPSS

Exploits1References1

CVE•added 2023/06/07 12:0 a.m.•56 views

CVE-2023-33556

CVE-2023-33556 affects TOTOLink A7100RU firmware version V7.4cu.2313_B20191024. The issue is a command injection via the staticGw parameter exposed at /setting/setWanIeCfg, caused by insufficient input sanitization. PT-2023-4271 summarizes this as a remote-code-execution vulnerability and recomme...

9.8CVSS9.7AI score0.05193EPSS

Exploits1References1Affected Software1

Prion•added 2023/04/07 4:15 a.m.•15 views

Command injection

TOTOlink A7100RU V7.4cu.2313B20191024 was discovered to contain a command injection vulnerability via the pppoeAcName parameter at /setting/setWanIeCfg...

7.5CVSS9.8AI score0.14899EPSS

Exploits1References1Affected Software1

Cvelist•added 2023/04/07 12:0 a.m.•16 views

CVE-2023-26978

TOTOlink A7100RU V7.4cu.2313B20191024 was discovered to contain a command injection vulnerability via the pppoeAcName parameter at /setting/setWanIeCfg...

10AI score0.14899EPSS

Exploits1References1

NVD•added 2023/03/28 11:15 p.m.•13 views

CVE-2023-27232

TOTOlink A7100RU V7.4cu.2313B20191024 was discovered to contain a command injection vulnerability via the wanStrategy parameter at /setting/setWanIeCfg...

9.8CVSS9.8AI score0.05164EPSS

Exploits1References1

NVD•added 2023/03/28 10:15 p.m.•11 views

CVE-2023-27231

TOTOlink A7100RU V7.4cu.2313B20191024 was discovered to contain a command injection vulnerability via the downBw parameter at /setting/setWanIeCfg...

9.8CVSS9.8AI score0.03607EPSS

Exploits1References1

Prion•added 2023/03/28 10:15 p.m.•13 views

Command injection

TOTOlink A7100RU V7.4cu.2313B20191024 was discovered to contain a command injection vulnerability via the upBw parameter at /setting/setWanIeCfg...

7.5CVSS9.8AI score0.04346EPSS

Exploits1References1Affected Software1

Prion•added 2023/03/28 10:15 p.m.•19 views

Command injection

TOTOlink A7100RU V7.4cu.2313B20191024 was discovered to contain a command injection vulnerability via the downBw parameter at /setting/setWanIeCfg...

7.5CVSS9.8AI score0.03607EPSS

Exploits1References1Affected Software1

Cvelist•added 2023/03/28 12:0 a.m.•18 views

CVE-2023-27229

TOTOlink A7100RU V7.4cu.2313B20191024 was discovered to contain a command injection vulnerability via the upBw parameter at /setting/setWanIeCfg...

10AI score0.04346EPSS

Exploits1References1

Cvelist•added 2023/03/28 12:0 a.m.•14 views

CVE-2023-27231

TOTOlink A7100RU V7.4cu.2313B20191024 was discovered to contain a command injection vulnerability via the downBw parameter at /setting/setWanIeCfg...

10AI score0.03607EPSS

Exploits1References1

Cvelist•added 2023/03/28 12:0 a.m.•14 views

CVE-2023-27232

TOTOlink A7100RU V7.4cu.2313B20191024 was discovered to contain a command injection vulnerability via the wanStrategy parameter at /setting/setWanIeCfg...

10AI score0.05164EPSS

Exploits1References1

Prion•added 2023/03/23 3:15 p.m.•17 views

Command injection

TOTOlink A7100RU V7.4cu.2313B20191024 was discovered to contain a command injection vulnerability via the enabled parameter at /setting/setWanIeCfg...

7.5CVSS9.8AI score0.05164EPSS

Exploits1References1Affected Software1

Cvelist•added 2023/03/23 12:0 a.m.•14 views

CVE-2023-27135

TOTOlink A7100RU V7.4cu.2313B20191024 was discovered to contain a command injection vulnerability via the enabled parameter at /setting/setWanIeCfg...

10AI score0.05164EPSS

Exploits1References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by