Lucene search
K

22 matches found

CNVD
CNVD
•added 2022/06/09 12:0 a.m.•19 views

TOTOLINK EX1200T setNoticeCfg function command injection vulnerability

TOTOLINK EX1200T is a Wi-Fi range extender from China-based Gion Electronics TOTOLINK.A command injection vulnerability exists in TOTOLINK EX1200T V4.1.2cu.5215, which originates from the file lib/cstemodules/system in the setNoticeCfg function in the file lib/cstemodules/system fails to properly...

10CVSS3.8AI score0.08208EPSS
Exploits1References1
Cvelist
Cvelist
•added 2022/06/03 5:12 p.m.•19 views

CVE-2021-42893

In TOTOLINK EX1200T V4.1.2cu.5215, an attacker can obtain sensitive information wifikey, etc. without authorization through getSysStatusCfg...

7.6AI score0.01369EPSS
Exploits1References1
CVE
CVE
•added 2022/06/03 5:12 p.m.•79 views

CVE-2021-42893

Vulnerability: TOTOLINK EX1200T (version 4.1.2cu.5215) exposes sensitive data (e.g., wifikey) via getSysStatusCfg without authorization. Affected component: getSysStatusCfg function on the EX1200T firmware. Root cause: information disclosure leading to confidential data exposure. Impact: attacker...

7.5CVSS7.3AI score0.01369EPSS
Exploits1References1Affected Software1
CVE
CVE
•added 2022/06/03 4:53 p.m.•81 views

CVE-2021-42892

CVE-2021-42892 affects TOTOLINK EX1200T (firmware V4.1.2cu.5215). The root cause is a default username/password stored in the firmware, allowing an attacker to start Telnet without authorization. Impact: unauthorized Telnet access and potential compromise of the device. No remediation details are...

5CVSS4.7AI score0.00698EPSS
Exploits1References1Affected Software1
OSV
OSV
•added 2022/06/03 4:15 p.m.•5 views

CVE-2021-42891

In TOTOLINK EX1200T V4.1.2cu.5215, an attacker can obtain sensitive information wifikey, etc. without authorization...

7.5CVSS5.8AI score0.01369EPSS
Exploits1References1
CVE
CVE
•added 2022/06/03 3:17 p.m.•71 views

CVE-2021-42891

CVE-2021-42891 affects TOTOLINK EX1200T V4.1.2cu.5215, enabling an attacker to obtain sensitive information (e.g., wifikey) without authorization. The PT-2022-11736 entry confirms the affected version and notes there is no available information about a fixed newer version at this time. Other conn...

7.5CVSS7.3AI score0.01369EPSS
Exploits1References1Affected Software1
NVD
NVD
•added 2022/06/03 3:15 p.m.•19 views

CVE-2021-42889

In TOTOLINK EX1200T V4.1.2cu.5215, an attacker can obtain sensitive information wifikey, wifiname, etc. without authorization...

7.5CVSS0.01369EPSS
Exploits1References1
CVE
CVE
•added 2022/06/03 2:8 p.m.•67 views

CVE-2021-42889

TOTOLINK EX1200T (version 4.1.2cu.5215) is affected by an information-disclosure vulnerability that allows an attacker to obtain sensitive credentials (e.g., wifikey, wifiname) without authorization. The issue is described across multiple sources (CNVD/CNNVD, NVD entry CVE-2021-42889, PT-2022-117...

7.5CVSS7.3AI score0.01369EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
•added 2022/06/03 1:51 p.m.•22 views

CVE-2021-42888

TOTOLINK EX1200T V4.1.2cu.5215 contains a remote command injection vulnerability in function setLanguageCfg of the file global.so which can control langType to attack...

9.8AI score0.01876EPSS
Exploits1References1
CVE
CVE
•added 2022/06/03 1:51 p.m.•83 views

CVE-2021-42888

TOTOLINK EX1200T v4.1.2cu.5215 is affected by a remote command injection in the setLanguageCfg function of global.so, allowing control of langType. The PT-2022-11732 advisory confirms the vulnerability and provides mitigations: disable the setLanguageCfg function, restrict access to global.so, an...

9.8CVSS9.6AI score0.01876EPSS
Exploits1References1Affected Software1
NVD
NVD
•added 2022/06/03 12:15 p.m.•17 views

CVE-2021-42887

In TOTOLINK EX1200T V4.1.2cu.5215, an attacker can bypass login by sending a specific request through formLoginAuth.htm...

9.8CVSS0.42853EPSS
Exploits1References1
Prion
Prion
•added 2022/06/03 12:15 p.m.•18 views

Information disclosure

TOTOLINK EX1200T V4.1.2cu.5215 contains an information disclosure vulnerability where an attacker can get the apmib configuration file without authorization, and usernames and passwords can be found in the decoded file...

5CVSS7.3AI score0.01976EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
•added 2022/06/03 11:40 a.m.•27 views

CVE-2021-42887

In TOTOLINK EX1200T V4.1.2cu.5215, an attacker can bypass login by sending a specific request through formLoginAuth.htm...

9.7AI score0.42853EPSS
Exploits1References1
Prion
Prion
•added 2022/06/03 11:15 a.m.•15 views

Command injection

TOTOLINK EX1200T V4.1.2cu.5215 contains a remote command injection vulnerability in function setDeviceMac of the file global.so which can control deviceName to attack...

7.5CVSS9.6AI score0.02494EPSS
Exploits1References1Affected Software1
CVE
CVE
•added 2022/06/03 11:13 a.m.•73 views

CVE-2021-42886

CVE-2021-42886 applies to TOTOLINK EX1200T, version V4.1.2cu.5215, describing an information-disclosure vulnerability. An unauthenticated attacker can access the attacker-controlled apmib configuration file and retrieve usernames and passwords from the decoded contents. The description indicates ...

7.5CVSS7.2AI score0.01976EPSS
Exploits1References1Affected Software1
CVE
CVE
•added 2022/06/03 10:50 a.m.•87 views

CVE-2021-42885

Summary: CVE-2021-42885 is a remote command injection in TOTOLINK EX1200T V4.1.2cu.5215, exploiting the setDeviceMac function in global.so to potentially influence the deviceName. The vulnerability is driven by improper handling in the setDeviceMac routine, enabling an attacker to inject commands...

9.8CVSS9.6AI score0.02494EPSS
Exploits1References1Affected Software1
Prion
Prion
•added 2022/06/02 8:15 p.m.•14 views

Denial of service

TOTOLINK EX1200T V4.1.2cu.5215 contains a denial of service vulnerability in function RebootSystem of the file lib/cstemodules/system which can reboot the system...

7.8CVSS7.4AI score0.02289EPSS
Exploits1References3Affected Software1
CVE
CVE
•added 2022/06/02 7:18 p.m.•78 views

CVE-2021-42877

TOTOLINK EX1200T (v4.1.2cu.5215) contains a denial-of-service vulnerability in the RebootSystem function of lib/cste_modules/system. The issue arises from the RebootSystem path and can cause an unexpected reboot of the device. Public references describe the affected component and version, and som...

7.8CVSS7.4AI score0.02289EPSS
Exploits1References3Affected Software1
Prion
Prion
•added 2022/06/02 7:15 p.m.•24 views

Command injection

TOTOLINK EX1200T V4.1.2cu.5215 contains a remote command injection vulnerability in the function setDiagnosisCfg of the file lib/cstemodules/system.so to control the ipDoamin...

10CVSS9.6AI score0.05043EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
•added 2022/06/02 6:52 p.m.•20 views

CVE-2021-42875

TOTOLINK EX1200T V4.1.2cu.5215 contains a remote command injection vulnerability in the function setDiagnosisCfg of the file lib/cstemodules/system.so to control the ipDoamin...

9.8AI score0.05043EPSS
Exploits1References2
Rows per page
Query Builder