PT-2025-27416 · D Link · D-Link Di-7300G+

Name of the Vulnerable Software and Affected Versions: D-Link DI-7300G+ version 19.12.25A1 Description: A critical issue has been found, affecting an unknown function of the file wget test.asp. The manipulation of the url argument leads to os command injection. It is possible to launch the attack...

TotoLink A3100R Access Control Error Vulnerability (CNVD-2022-54663)

TotoLink A3100R is a series of wireless router TotoLink A3100R V5.9c.4577 from TotoLink Electronics Taiwan, China has an access control error vulnerability, which stems from test.asp contains an API-like function that is not authenticated and can be exploited by an attacker without authentication...

CVE-2021-46006

In Totolink A3100R V5.9c.4577, "test.asp" contains an API-like function, which is not authenticated. Using this function, an attacker can configure multiple settings without authentication...

Authentication flaw

In Totolink A3100R V5.9c.4577, "test.asp" contains an API-like function, which is not authenticated. Using this function, an attacker can configure multiple settings without authentication...

Telekom Bug Bounty #11 - SQL Injection Vulnerability

Document Title: =============== Telekom Bug Bounty 11 - SQL Injection Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1177 Dev Article:...