165 matches found
Command injection
A vulnerability, which was classified as critical, has been found in Totolink X6000R 9.4.0cu.85220230719. This issue affects the function setDiagnosisCfg of the file /cgi-bin/cstecgi.cgi of the component shttpd. The manipulation of the argument ip leads to os command injection. The attack may be...
CVE-2024-2353 Totolink X6000R shttpd cstecgi.cgi setDiagnosisCfg os command injection
A vulnerability, which was classified as critical, has been found in Totolink X6000R 9.4.0cu.85220230719. This issue affects the function setDiagnosisCfg of the file /cgi-bin/cstecgi.cgi of the component shttpd. The manipulation of the argument ip leads to os command injection. The attack may be...
CVE-2024-2353 Totolink X6000R shttpd cstecgi.cgi setDiagnosisCfg os command injection
A vulnerability, which was classified as critical, has been found in Totolink X6000R 9.4.0cu.85220230719. This issue affects the function setDiagnosisCfg of the file /cgi-bin/cstecgi.cgi of the component shttpd. The manipulation of the argument ip leads to os command injection. The attack may be...
TOTOLINK X6000R 操作系统命令注入漏洞
TOTOLINK X6000R is a wireless router from China's Gion Electronics TOTOLINK. The TOTOLINK X6000R version 9.4.0cu.85220230719 suffers from an operating system command injection vulnerability that originates from a security issue in the setDiagnosisCfg function in /cgi-bin/cstecgi.cgi in the...
CVE-2024-1781
A vulnerability was found in Totolink X6000R AX3000 9.4.0cu.85220230719. It has been rated as critical. This issue affects the function setWizardCfg of the file /cgi-bin/cstecgi.cgi of the component shttpd. The manipulation leads to command injection. The exploit has been disclosed to the public...
Command injection
A vulnerability was found in Totolink X6000R AX3000 9.4.0cu.85220230719. It has been rated as critical. This issue affects the function setWizardCfg of the file /cgi-bin/cstecgi.cgi of the component shttpd. The manipulation leads to command injection. The exploit has been disclosed to the public...
CVE-2024-1781 Totolink X6000R AX3000 shttpd cstecgi.cgi setWizardCfg command injection
A vulnerability was found in Totolink X6000R AX3000 9.4.0cu.85220230719. It has been rated as critical. This issue affects the function setWizardCfg of the file /cgi-bin/cstecgi.cgi of the component shttpd. The manipulation leads to command injection. The exploit has been disclosed to the public...
CVE-2024-1781 Totolink X6000R AX3000 shttpd cstecgi.cgi setWizardCfg command injection
A vulnerability was found in Totolink X6000R AX3000 9.4.0cu.85220230719. It has been rated as critical. This issue affects the function setWizardCfg of the file /cgi-bin/cstecgi.cgi of the component shttpd. The manipulation leads to command injection. The exploit has been disclosed to the public...
CVE-2024-1781
CVE-2024-1781 affects Totolink X6000R AX3000 (firmware 9.4.0cu.852_20230719). The vulnerability is in the shttpd component’s setWizardCfg function (/cgi-bin/cstecgi.cgi) and allows command injection due to insufficient input validation. Public exploit guidance exists, and vendors were reportedly ...
TOTOLINK X6000R Code Execution Vulnerability
TOTOLINK X6000R is a wireless router from China's Gion Electronics TOTOLINK. The TOTOLINK X6000R suffers from a code execution vulnerability that stems from the application failing to properly filter construct command special characters, commands, etc. An attacker can exploit this vulnerability t...
CVE-2023-52041
An issue discovered in TOTOLINK X6000R V9.4.0cu.852B20230719 allows attackers to run arbitrary code via the sub410118 function of the shttpd program...
CVE-2023-52041
An issue discovered in TOTOLINK X6000R V9.4.0cu.852B20230719 allows attackers to run arbitrary code via the sub410118 function of the shttpd program...
Code injection
An issue discovered in TOTOLINK X6000R V9.4.0cu.852B20230719 allows attackers to run arbitrary code via the sub410118 function of the shttpd program...
CVE-2023-52041
An issue discovered in TOTOLINK X6000R V9.4.0cu.852B20230719 allows attackers to run arbitrary code via the sub410118 function of the shttpd program...
TOTOLINK X6000R 安全漏洞
TOTOLINK X6000R is a wireless router from China's Gion Electronics TOTOLINK. The TOTOLINK X6000R suffers from a code execution vulnerability that stems from the application failing to properly filter construct command special characters, commands, etc. An attacker can exploit this vulnerability t...
PT-2024-14370 · Totolink · Totolink X6000R
Name of the Vulnerable Software and Affected Versions: TOTOLINK X6000R version 9.4.0cu.852 B20230719 Description: An issue in the TOTOLINK X6000R allows attackers to run arbitrary code via the sub 410118 function of the shttpd program. Recommendations: For TOTOLINK X6000R version 9.4.0cu.852...
CVE-2023-52041
An issue discovered in TOTOLINK X6000R V9.4.0cu.852B20230719 allows attackers to run arbitrary code via the sub410118 function of the shttpd program...
The vulnerability of the sub_4119A0 function in the microprogramming software of the TOTOLINK X6000R router allows a hacker to execute arbitrary code.
The vulnerability of the sub4119A0 function shttpd in the TOTOLINK X6000R router microprogramming system exists due to the lack of measures to neutralize special elements used in the operating system commands. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...
The vulnerability of the sub_4119A0 function in the microprogramming software of the TOTOLINK X6000R router allows a hacker to execute arbitrary code.
The vulnerability of the sub4119A0 function shttpd in the TOTOLINK X6000R router microprogramming system exists due to the lack of measures to neutralize special elements used in the operating system commands. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...
The vulnerability of the sub_4119A0 function in the microprogramming software of the TOTOLINK X6000R router allows a hacker to execute arbitrary code.
The vulnerability of the sub4119A0 function shttpd in the TOTOLINK X6000R router microprogramming system exists due to the lack of measures to neutralize special elements used in the operating system commands. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...