45 matches found
CVE-2023-33556
CVE-2023-33556 affects TOTOLink A7100RU firmware version V7.4cu.2313_B20191024. The issue is a command injection via the staticGw parameter exposed at /setting/setWanIeCfg, caused by insufficient input sanitization. PT-2023-4271 summarizes this as a remote-code-execution vulnerability and recomme...
TOTOLINK A7100RU 命令注入漏洞
The TOTOLINK A7100RU is a wireless router from China's Gion Electronics TOTOLINK. A security vulnerability exists in TOTOLINK A7100RU version V7.4cu.2313B20191024, which stems from the presence of a command injection vulnerability...
CVE-2023-30053
TOTOLINK A7100RU V7.4cu.2313B20191024 is vulnerable to Command Injection...
CVE-2023-30054
TOTOLINK A7100RU V7.4cu.2313B20191024 has a Command Injection vulnerability. An attacker can obtain a stable root shell through a specially constructed payload...
TOTOLINK A7100RU 操作系统命令注入漏洞
The TOTOLINK A7100RU is a wireless router from China's Gion Electronics TOTOLINK. A security vulnerability exists in TOTOLINK A7100RU version V7.4cu.2313B20191024, which stems from the presence of a command injection vulnerability...
CVE-2023-30053
TOTOLINK A7100RU router (firmware V7.4cu.2313_B20191024) is reported vulnerable to a Command Injection issue (CVE-2023-30053). The CVSS 3.1 base score is 9.8 (CRITICAL) with network access, no authentication, and no user interaction required, affecting confidentiality, integrity, and availability...
CVE-2023-30053
TOTOLINK A7100RU V7.4cu.2313B20191024 is vulnerable to Command Injection...
CVE-2023-30054
CVE-2023-30054 affects TOTOLINK A7100RU firmware 7.4cu.2313_B20191024. The vulnerability is a Command Injection flaw in the device that can allow an attacker to obtain a stable root shell through a specially crafted payload. The CVSS metrics indicate a critical impact with network access, no user...
CVE-2023-26978
TOTOlink A7100RU V7.4cu.2313B20191024 was discovered to contain a command injection vulnerability via the pppoeAcName parameter at /setting/setWanIeCfg...
CVE-2023-27231
TOTOlink A7100RU V7.4cu.2313B20191024 was discovered to contain a command injection vulnerability via the downBw parameter at /setting/setWanIeCfg...
Command injection
TOTOlink A7100RU V7.4cu.2313B20191024 was discovered to contain a command injection vulnerability via the downBw parameter at /setting/setWanIeCfg...
CVE-2023-27232
TOTOlink A7100RU V7.4cu.2313B20191024 was discovered to contain a command injection vulnerability via the wanStrategy parameter at /setting/setWanIeCfg...
CVE-2023-27229
Summary : CVE-2023-27229 affects TOTOLINK A7100RU with firmware V7.4cu.2313_B20191024. The issue is a command injection vulnerability exposed via the upBw parameter in the /setting/setWanIeCfg API. The root cause is improper handling/filtering of constructed commands, enabling arbitrary command e...
CVE-2023-27135
TOTOlink A7100RU V7.4cu.2313B20191024 was discovered to contain a command injection vulnerability via the enabled parameter at /setting/setWanIeCfg...
CVE-2023-27135
The CVE-2023-27135 issue affects TOTOLINK A7100RU (V7.4cu.2313_B20191024). A command injection vulnerability exists in the /setting/setWanIeCfg endpoint via the enabled parameter, enabling arbitrary command execution by an unauthenticated network attacker. The reported impact is high/critical (C/...
CVE-2023-24184
CVE-2023-24184 concerns TOTOLink A7100RU with firmware version 7.4cu.2313_B20191024. Multiple sources describe a command injection vulnerability in this device. The CVSS v3.1 vector indicates a remote, unauthenticated, high-impact issue affecting confidentiality, integrity, and availability (all ...
CVE-2023-24184
TOTOLink A7100RU V7.4cu.2313B20191024 was discovered to contain a command injection vulnerability...
Command injection
TOTOlink A7100RUV7.4cu.2313B20191024 was discovered to contain a command injection vulnerability via the city parameter at setting/delStaticDhcpRules...
TOTOLINK A7100RU 命令注入漏洞
The TOTOLINK A7100RU is a wireless router from China's Gion Electronics TOTOLINK. A security vulnerability exists in the TOTOLINK A7100RU V7.4cu.2313B20191024 version, which was discovered to contain a command injection vulnerability via the country parameter of setting/delStaticDhcpRules...
CVE-2022-48124
TOTOlink A7100RU V7.4cu.2313B20191024 was discovered to contain a command injection vulnerability via the FileName parameter in the setting/setOpenVpnCertGenerationCfg function...