313 matches found

Positive Technologies
added 2023/12/22 12:00 a.m. · 4 views

PT-2023-31732 · Totolink · Totolink Ex1800T

Name of the Vulnerable Software and Affected Versions: TOTOlink EX1800T version 9.1.0cu.2112 B20220316 Description: The issue allows for unauthorized arbitrary command execution. This is possible through the lanIp parameter of the setLanConfig interface in the cstecgi.cgi endpoint. Recommendation...

CVSS 9.8 · AI score 9.5 · EPSS 0.0097
Exploits 1 · References 2

Positive Technologies
added 2023/12/22 12:00 a.m. · 5 views

PT-2023-31739 · Totolink · Totolink Ex1800T

Name of the Vulnerable Software and Affected Versions: TOTOlink EX1800T version 9.1.0cu.2112 B20220316 Description: The issue allows for unauthorized arbitrary command execution in the tz parameter of the setNtpCfg interface of the cstecgi.cgi. This can be exploited through the 'tz' parameter...

CVSS 9.8 · AI score 9.4 · EPSS 0.0097
Exploits 1 · References 4

Positive Technologies
added 2023/12/22 12:00 a.m. · 3 views

PT-2023-31728 · Totolink · Totolink Ex1800T

Name of the Vulnerable Software and Affected Versions: TOTOlink EX1800T version 9.1.0cu.2112 B20220316 Description: The issue concerns unauthorized arbitrary command execution in the lanNetmask parameter of the setLanConfig interface of the cstecgi.cgi. Recommendations: For TOTOlink EX1800T versi...

CVSS 9.8 · AI score 9.4 · EPSS 0.0097
Exploits 1 · References 3

Positive Technologies
added 2023/12/22 12:00 a.m. · 5 views

PT-2023-31743 · Totolink · Totolink Ex1800T

Name of the Vulnerable Software and Affected Versions: TOTOLINK EX1800T version 9.1.0cu.2112 B20220316 Description: The issue concerns unauthorized arbitrary command execution. It is related to the apcliChannel parameter of the "setWiFiExtenderConfig" interface in the "cstecgi.cgi"...

CVSS 9.8 · AI score 9.4 · EPSS 0.01049
Exploits 1 · References 3

Positive Technologies
added 2023/12/22 12:00 a.m. · 4 views

PT-2023-31738 · Totolink · Totolink Ex1800T

Name of the Vulnerable Software and Affected Versions: TOTOlink EX1800T version 9.1.0cu.2112 B20220316 Description: The issue allows for unauthorized arbitrary command execution. This is achieved through the langFlag parameter of the "setLanguageCfg" interface in the "cstecgi.cgi" endpoint...

CVSS 9.8 · AI score 9.6 · EPSS 0.0097
Exploits 1 · References 2

Positive Technologies
added 2023/12/22 12:00 a.m. · 4 views

PT-2023-31731 · Totolink · Totolink Ex1800T

Name of the Vulnerable Software and Affected Versions: TOTOlink EX1800T version 9.1.0cu.2112 B20220316 Description: The issue allows for unauthorized arbitrary command execution in the "setRebootScheCfg" interface of the "cstecgi.cgi". Recommendations: For version 9.1.0cu.2112 B20220316, consider...

CVSS 9.8 · AI score 9.6 · EPSS 0.01049
Exploits 1 · References 2

Positive Technologies
added 2023/12/22 12:00 a.m. · 3 views

PT-2023-31736 · Totolink · Totolink Ex1800T

Name of the Vulnerable Software and Affected Versions: TOTOlink EX1800T version 9.1.0cu.2112 B20220316 Description: The issue allows for unauthorized arbitrary command execution. This is achieved through the langType parameter in the setLanguageCfg interface of the cstecgi.cgi. Recommendations:...

CVSS 9.8 · AI score 9.5 · EPSS 0.0097
Exploits 1 · References 2

Positive Technologies
added 2023/12/22 12:00 a.m. · 3 views

PT-2023-31737 · Totolink · Totolink Ex1800T

Name of the Vulnerable Software and Affected Versions: TOTOlink EX1800T version 9.1.0cu.2112 B20220316 Description: The issue allows for unauthorized arbitrary command execution. This is possible through the merge parameter of the "setRptWizardCfg" interface in the "cstecgi.cgi" endpoint...

CVSS 9.8 · AI score 9.5 · EPSS 0.0097
Exploits 1 · References 2

Positive Technologies
added 2023/12/22 12:00 a.m. · 4 views

PT-2023-31726 · Totolink · Totolink Ex1800T

Name of the Vulnerable Software and Affected Versions: TOTOlink EX1800T version 9.1.0cu.2112 B20220316 Description: The issue concerns unauthorized arbitrary command execution. It is related to the lanPriDns parameter of the "setLanConfig" interface in the "cstecgi.cgi". Recommendations: For...

CVSS 9.8 · AI score 9.4 · EPSS 0.0097
Exploits 1 · References 3

CVE
added 2023/12/22 12:00 a.m. · 42 views

CVE-2023-51022

CVE-2023-51022 affects TOTOLINK EX1800T, version 9.1.0cu.2112_B20220316. The vulnerability stems from the langFlag parameter in the setLanguageCfg interface of the cstecgi.cgi, allowing unauthorized arbitrary command execution. Multiple connected sources corroborate this issue, including Red Hat,...

CVSS 9.8 · AI score 9.4 · EPSS 0.0097
Exploits 1 · References 1 · Affected Software 1

CVE
added 2023/12/22 12:00 a.m. · 38 views

CVE-2023-51011

CVE-2023-51011 affects TOTOLINK EX1800T, firmware version 9.1.0cu.2112_B20220316. The vulnerability is an unauthorized arbitrary command execution through the lanPriDns parameter of the setLanConfig interface in cstecgi.cgi. Multiple sources confirm the issue; exploitation details are not provide...

CVSS 9.8 · AI score 9.4 · EPSS 0.0097
Exploits 1 · References 1 · Affected Software 1

CVE
added 2023/12/22 12:00 a.m. · 40 views

CVE-2023-51028

CVE-2023-51028 affects TOTOLINK EX1800T 9.1.0cu.2112_B20220316. The vulnerability is in the apcliChannel parameter of the setWiFiExtenderConfig interface in cstecgi.cgi, allowing unauthorized arbitrary command execution. CVSSv3.1: Network attack, low complexity, no privileges, no user interaction...

CVSS 9.8 · AI score 9.4 · EPSS 0.01049
Exploits 1 · References 1 · Affected Software 1

Cvelist
added 2023/12/22 12:00 a.m. · 15 views

CVE-2023-51012

TOTOlink EX1800T v9.1.0cu.2112B20220316 is vulnerable to unauthorized arbitrary command execution in the lanGateway parameter of the setLanConfig interface of the cstecgi.cgi...

AI score 9.7 · EPSS 0.0097
Exploits 1 · References 1

Cvelist
added 2023/12/22 12:00 a.m. · 17 views

CVE-2023-51020

TOTOlink EX1800T v9.1.0cu.2112B20220316 is vulnerable to unauthorized arbitrary command execution in the ‘langType’ parameter of the setLanguageCfg interface of the cstecgi.cgi...

AI score 9.7 · EPSS 0.0097
Exploits 1 · References 1

NVD
added 2023/12/13 7:15 a.m. · 12 views

CVE-2023-40716

An improper neutralization of special elements used in an OS command vulnerability CWE-78 in the command line interpreter of FortiTester 2.3.0 through 7.2.3 may allow an authenticated attacker to execute unauthorized commands via specifically crafted arguments when running execute restore/backup...

CVSS 7.8 · EPSS 0.00247
Exploits 0 · References 1

RedHat Linux
added 2023/09/19 3:09 p.m. · 129 views

Important: Red Hat Security Advisory: kernel security, bug fix, and enhancement update

An update for kernel is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

CVSS 8.8 · AI score 7.2 · EPSS 0.54577
Exploits 8 · References 9

RedHat Linux
added 2023/09/05 9:11 a.m. · 8 views

Kernel: bluetooth: Unauthorized management command execution

A vulnerability was found in the HCI sockets implementation due to a missing capability check in net/bluetooth/hcisock.c in the Linux Kernel. This flaw allows an attacker unauthorized execution of management commands, compromising the confidentiality, integrity, and availability of Bluetooth...

CVSS 6.8 · AI score 6.8 · EPSS 0.0147
Exploits 2 · References 5

Tenable Nessus
added 2023/08/29 12:00 a.m. · 34 views

RHEL 8 : kernel (RHSA-2023:4789)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:4789 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: use-after-free in l2capconnect...

CVSS 8.8 · AI score 7.5 · EPSS 0.54577
Exploits 7 · References 23

Tenable Nessus
added 2023/08/02 12:00 a.m. · 8 views

Moxa AWK-3121 Improper Restriction of Operations Within the Bounds of a Memory Buffer (CVE-2018-10701)

An issue was discovered on Moxa AWK-3121 1.14 devices. It provides functionality so that an administrator can run scripts on the device to troubleshoot any issues. However, the same functionality allows an attacker to execute commands on the device. The POST parameter iwfilename is susceptible to...

CVSS 8.8 · AI score 8.8 · EPSS 0.02604
Exploits 1 · References 5

Cvelist
added 2023/08/01 10:46 p.m. · 18 views

CVE-2023-31427 Knowledge of full path name

Brocade Fabric OS versions before Brocade Fabric OS v9.1.1c, and v9.2.0 could allow an authenticated, local user with knowledge of full path names inside Brocade Fabric OS to execute any command regardless of assigned privilege. Starting with Fabric OS v9.1.0, “root” account access is disabled...

CVSS 7.8 · AI score 7.9 · EPSS 0.002
Exploits 0 · References 2