CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

The vulnerability of the sub_4119A0 function in the microprogramming software of the TOTOLINK X6000R router allows a hacker to execute arbitrary code.

The vulnerability of the sub4119A0 function shttpd in the TOTOLINK X6000R router microprogramming system exists due to the lack of measures to neutralize special elements used in the operating system commands. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...

The vulnerability of the sub_4119A0 function in the microprogramming software of the TOTOLINK X6000R router allows a hacker to execute arbitrary code.

The vulnerability of the sub_4119A0 function in the microprogramming software of the TOTOLINK X6000R router allows a hacker to execute arbitrary code.

The vulnerability of the sub_4119A0 function in the microprogramming software of the TOTOLINK X6000R router allows a hacker to execute arbitrary code.

The vulnerability of the sub_4119A0 function in the microprogramming software of the TOTOLINK X6000R router allows a hacker to execute arbitrary code.

BDU FSTEC•added 2023/12/14 12:0 a.m.•4 views

The vulnerability of the sub_4119A0 function in the microprogramming software of the TOTOLINK X6000R router allows a hacker to execute arbitrary code.

BDU FSTEC•added 2023/12/06 12:0 a.m.•1 views

The vulnerability of the sub_4119A0 function in the microprogramming software of the TOTOLINK X6000R router allows a hacker to execute arbitrary code.

The vulnerability of the sub4119A0 function shttpd in the TOTOLINK X6000R router’s microprogramming system is related to errors in the code. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

7.5CVSS8.1AI score0.00349EPSS

BDU FSTEC•added 2023/12/06 12:0 a.m.•1 views

The vulnerability of the sub_4119A0 function in the microprogramming software of the TOTOLINK X6000R router allows a hacker to execute arbitrary code.

7.5CVSS8.1AI score0.00349EPSS

Exploits1References3Affected Software1

NVD•added 2023/11/30 6:15 p.m.•12 views

CVE-2023-48811

In TOTOLINK X6000R V9.4.0cu.852B20230719, the shttpd file, sub4119A0 function obtains fields from the front-end through Uci Set The Str function that when passed to the CsteSystem function creates a command execution vulnerability...

9.8CVSS0.00349EPSS

NVD•added 2023/11/30 6:15 p.m.•14 views

CVE-2023-48808

In TOTOLINK X6000R V9.4.0cu.852B20230719, the shttpd file, sub4119A0 function obtains fields from the front-end through Uci Set The Str function when passed to the CsteSystem function creates a command execution vulnerability...

9.8CVSS0.00349EPSS

NVD•added 2023/11/30 6:15 p.m.•13 views

CVE-2023-48806

9.8CVSS0.00349EPSS

Prion•added 2023/11/30 6:15 p.m.•20 views

Command injection

7.5CVSS7.4AI score0.00349EPSS

Prion•added 2023/11/30 6:15 p.m.•13 views

Command injection

7.5CVSS7.3AI score0.00349EPSS

Prion•added 2023/11/30 6:15 p.m.•20 views

Command injection

7.5CVSS7.4AI score0.00349EPSS

Prion•added 2023/11/30 6:15 p.m.•18 views

Command injection

7.5CVSS7.4AI score0.00349EPSS

Prion•added 2023/11/30 6:15 p.m.•12 views

Command injection

In TOTOLINK X6000R V9.4.0cu.852B20230719, the shttpd file sub4119A0 function obtains fields from the front-end through Uci Set The Str function that when passed to the CsteSystem function creates a command execution vulnerability...

7.5CVSS7.3AI score0.00349EPSS

Cvelist•added 2023/11/30 12:0 a.m.•17 views

CVE-2023-48804

9.8AI score0.00349EPSS

Cvelist•added 2023/11/30 12:0 a.m.•13 views

CVE-2023-48808

9.8AI score0.00349EPSS

CVE•added 2023/11/30 12:0 a.m.•39 views

CVE-2023-48806

TOTOLINK X6000R V9.4.0cu.852_B20230719 is affected by a command-execution vulnerability in the shttpd component (sub_4119A0). The issue arises when fields obtained from the front-end via the Uci_Set_ The_Str function are passed to CsteSystem, enabling arbitrary command execution. Connected report...

9.8CVSS9.4AI score0.00349EPSS