Lucene search
K

165 matches found

Prion
Prion
added 2024/03/10 8:15 a.m.15 views

Command injection

A vulnerability, which was classified as critical, has been found in Totolink X6000R 9.4.0cu.85220230719. This issue affects the function setDiagnosisCfg of the file /cgi-bin/cstecgi.cgi of the component shttpd. The manipulation of the argument ip leads to os command injection. The attack may be...

9CVSS7.7AI score0.03952EPSS
Exploits2References3
Vulnrichment
Vulnrichment
added 2024/03/10 7:31 a.m.30 views

CVE-2024-2353 Totolink X6000R shttpd cstecgi.cgi setDiagnosisCfg os command injection

A vulnerability, which was classified as critical, has been found in Totolink X6000R 9.4.0cu.85220230719. This issue affects the function setDiagnosisCfg of the file /cgi-bin/cstecgi.cgi of the component shttpd. The manipulation of the argument ip leads to os command injection. The attack may be...

9CVSS7.3AI score0.03952EPSS
Exploits2References3
Cvelist
Cvelist
added 2024/03/10 7:31 a.m.17 views

CVE-2024-2353 Totolink X6000R shttpd cstecgi.cgi setDiagnosisCfg os command injection

A vulnerability, which was classified as critical, has been found in Totolink X6000R 9.4.0cu.85220230719. This issue affects the function setDiagnosisCfg of the file /cgi-bin/cstecgi.cgi of the component shttpd. The manipulation of the argument ip leads to os command injection. The attack may be...

9CVSS9.2AI score0.03952EPSS
Exploits2References3
CNNVD
CNNVD
added 2024/03/10 12:0 a.m.5 views

TOTOLINK X6000R 操作系统命令注入漏洞

TOTOLINK X6000R is a wireless router from China's Gion Electronics TOTOLINK. The TOTOLINK X6000R version 9.4.0cu.85220230719 suffers from an operating system command injection vulnerability that originates from a security issue in the setDiagnosisCfg function in /cgi-bin/cstecgi.cgi in the...

9CVSS7.4AI score0.03952EPSS
Exploits2References4
OSV
OSV
added 2024/02/23 1:15 a.m.6 views

CVE-2024-1781

A vulnerability was found in Totolink X6000R AX3000 9.4.0cu.85220230719. It has been rated as critical. This issue affects the function setWizardCfg of the file /cgi-bin/cstecgi.cgi of the component shttpd. The manipulation leads to command injection. The exploit has been disclosed to the public...

9.8CVSS5.4AI score0.14692EPSS
Exploits1References3
Prion
Prion
added 2024/02/23 1:15 a.m.29 views

Command injection

A vulnerability was found in Totolink X6000R AX3000 9.4.0cu.85220230719. It has been rated as critical. This issue affects the function setWizardCfg of the file /cgi-bin/cstecgi.cgi of the component shttpd. The manipulation leads to command injection. The exploit has been disclosed to the public...

5.8CVSS7.6AI score0.14692EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2024/02/23 12:0 a.m.17 views

CVE-2024-1781 Totolink X6000R AX3000 shttpd cstecgi.cgi setWizardCfg command injection

A vulnerability was found in Totolink X6000R AX3000 9.4.0cu.85220230719. It has been rated as critical. This issue affects the function setWizardCfg of the file /cgi-bin/cstecgi.cgi of the component shttpd. The manipulation leads to command injection. The exploit has been disclosed to the public...

6.3CVSS7.5AI score0.14692EPSS
Exploits1References3
Cvelist
Cvelist
added 2024/02/23 12:0 a.m.46 views

CVE-2024-1781 Totolink X6000R AX3000 shttpd cstecgi.cgi setWizardCfg command injection

A vulnerability was found in Totolink X6000R AX3000 9.4.0cu.85220230719. It has been rated as critical. This issue affects the function setWizardCfg of the file /cgi-bin/cstecgi.cgi of the component shttpd. The manipulation leads to command injection. The exploit has been disclosed to the public...

6.3CVSS7.1AI score0.14692EPSS
Exploits1References3
CVE
CVE
added 2024/02/23 12:0 a.m.60 views

CVE-2024-1781

CVE-2024-1781 affects Totolink X6000R AX3000 (firmware 9.4.0cu.852_20230719). The vulnerability is in the shttpd component’s setWizardCfg function (/cgi-bin/cstecgi.cgi) and allows command injection due to insufficient input validation. Public exploit guidance exists, and vendors were reportedly ...

9.8CVSS6.8AI score0.14692EPSS
In wildExploits1References3Affected Software1
CNVD
CNVD
added 2024/01/24 12:0 a.m.2 views

TOTOLINK X6000R Code Execution Vulnerability

TOTOLINK X6000R is a wireless router from China's Gion Electronics TOTOLINK. The TOTOLINK X6000R suffers from a code execution vulnerability that stems from the application failing to properly filter construct command special characters, commands, etc. An attacker can exploit this vulnerability t...

9.8CVSS7.8AI score0.0086EPSS
Exploits1References1
NVD
NVD
added 2024/01/16 7:15 p.m.26 views

CVE-2023-52041

An issue discovered in TOTOLINK X6000R V9.4.0cu.852B20230719 allows attackers to run arbitrary code via the sub410118 function of the shttpd program...

9.8CVSS9.6AI score0.0086EPSS
Exploits1References1
OSV
OSV
added 2024/01/16 7:15 p.m.4 views

CVE-2023-52041

An issue discovered in TOTOLINK X6000R V9.4.0cu.852B20230719 allows attackers to run arbitrary code via the sub410118 function of the shttpd program...

9.8CVSS6AI score0.0086EPSS
Exploits1References1
Prion
Prion
added 2024/01/16 7:15 p.m.21 views

Code injection

An issue discovered in TOTOLINK X6000R V9.4.0cu.852B20230719 allows attackers to run arbitrary code via the sub410118 function of the shttpd program...

7.5CVSS7.7AI score0.0086EPSS
Exploits1References1Affected Software1
Vulnrichment
Vulnrichment
added 2024/01/16 12:0 a.m.2 views

CVE-2023-52041

An issue discovered in TOTOLINK X6000R V9.4.0cu.852B20230719 allows attackers to run arbitrary code via the sub410118 function of the shttpd program...

7.6AI score0.0086EPSS
Exploits1References1
CNNVD
CNNVD
added 2024/01/16 12:0 a.m.3 views

TOTOLINK X6000R 安全漏洞

TOTOLINK X6000R is a wireless router from China's Gion Electronics TOTOLINK. The TOTOLINK X6000R suffers from a code execution vulnerability that stems from the application failing to properly filter construct command special characters, commands, etc. An attacker can exploit this vulnerability t...

9.8CVSS8AI score0.0086EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2024/01/16 12:0 a.m.5 views

PT-2024-14370 · Totolink · Totolink X6000R

Name of the Vulnerable Software and Affected Versions: TOTOLINK X6000R version 9.4.0cu.852 B20230719 Description: An issue in the TOTOLINK X6000R allows attackers to run arbitrary code via the sub 410118 function of the shttpd program. Recommendations: For TOTOLINK X6000R version 9.4.0cu.852...

9.8CVSS9.5AI score0.0086EPSS
Exploits1References5
Cvelist
Cvelist
added 2024/01/16 12:0 a.m.22 views

CVE-2023-52041

An issue discovered in TOTOLINK X6000R V9.4.0cu.852B20230719 allows attackers to run arbitrary code via the sub410118 function of the shttpd program...

9.7AI score0.0086EPSS
Exploits1References1
BDU FSTEC
BDU FSTEC
added 2023/12/14 12:0 a.m.8 views

The vulnerability of the sub_4119A0 function in the microprogramming software of the TOTOLINK X6000R router allows a hacker to execute arbitrary code.

The vulnerability of the sub4119A0 function shttpd in the TOTOLINK X6000R router microprogramming system exists due to the lack of measures to neutralize special elements used in the operating system commands. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...

10CVSS8.1AI score0.01536EPSS
Exploits1References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/12/14 12:0 a.m.9 views

The vulnerability of the sub_4119A0 function in the microprogramming software of the TOTOLINK X6000R router allows a hacker to execute arbitrary code.

The vulnerability of the sub4119A0 function shttpd in the TOTOLINK X6000R router microprogramming system exists due to the lack of measures to neutralize special elements used in the operating system commands. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...

10CVSS8.1AI score0.01536EPSS
Exploits1References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/12/14 12:0 a.m.7 views

The vulnerability of the sub_4119A0 function in the microprogramming software of the TOTOLINK X6000R router allows a hacker to execute arbitrary code.

The vulnerability of the sub4119A0 function shttpd in the TOTOLINK X6000R router microprogramming system exists due to the lack of measures to neutralize special elements used in the operating system commands. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...

10CVSS8.1AI score0.01536EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder