Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

67 matches found

CNNVD
CNNVDadded 2025/11/13 12:0 a.m.1 views

TOTOLINK LR1200GB 安全漏洞

TOTOLINK LR1200GB is a wireless dual-band 4G LTE router from China's Gion Electronics TOTOLINK. A security vulnerability exists in ToToLink LR1200GB version V9.1.0u.6619B20230130 and NR1800X version V9.1.0u.6681B20230703, which stems from improper handling of the lang parameter in the cstecgi.cgi...

6.5CVSS7AI score0.00322EPSS
Exploits1References4
CNNVD
CNNVDadded 2025/11/10 12:0 a.m.1 views

TOTOLink A7000R 安全漏洞

TOTOLINK A7000R is a wireless router from China's Gion Electronics TOTOLINK that supports WiFi7 technology for home or small business network environments. The TOTOLINK A7000R suffers from a stack buffer overflow vulnerability, which stems from the ssid parameter of the urldecode function failing...

7.5CVSS7AI score0.00294EPSS
Exploits1References2
NVD
NVDadded 2024/05/24 7:15 p.m.9 views

CVE-2024-35388

TOTOLINK NR1800X v9.1.0u.6681B20230703 was discovered to contain a stack overflow via the password parameter in the function urldecode...

8.8CVSS7.6AI score0.03888EPSS
Exploits0References1
CVE
CVEadded 2024/03/16 12:0 a.m.56 views

CVE-2024-28639

Summary: CVE-2024-28639 affects TOTOLink X5000R (9.1.0u.6118-B20201102) and A7000R (9.1.0u.6115-B20201022). A buffer overflow in the IP field arises from copying the IP field contents in the /www/cgi bin/cstegi.cgi function without length checking, enabling remote code execution and denial of ser...

9.8CVSS8.1AI score0.01805EPSS
Exploits1References1Affected Software1
NVD
NVDadded 2023/12/11 2:15 p.m.17 views

CVE-2023-49417

TOTOLink A7000R V9.1.0u.6115B20201022 has a stack overflow vulnerability via setOpModeCfg...

9.8CVSS0.0011EPSS
Exploits1References1
Cvelist
Cvelistadded 2023/12/11 12:0 a.m.14 views

CVE-2023-49418

TOTOLink A7000R V9.1.0u.6115B20201022has a stack overflow vulnerability via setIpPortFilterRules...

9.8AI score0.00121EPSS
Exploits1References1
CVE
CVEadded 2023/12/11 12:0 a.m.37 views

CVE-2023-49418

TOTOLink A7000R, version 9.1.0u.6115_B20201022, contains a stack overflow in setIpPortFilterRules. Root cause: improper input handling in setIpPortFilterRules leading to stack overflow. Impact: as described across sources, could allow arbitrary code execution or cause denial of service; exploitat...

9.8CVSS9.5AI score0.00121EPSS
Exploits1References1Affected Software1
Cvelist
Cvelistadded 2023/12/11 12:0 a.m.20 views

CVE-2023-49417

TOTOLink A7000R V9.1.0u.6115B20201022 has a stack overflow vulnerability via setOpModeCfg...

9.8AI score0.0011EPSS
Exploits1References1
CVE
CVEadded 2023/12/11 12:0 a.m.45 views

CVE-2023-49417

The CVE-2023-49417 entry concerns TOTOLink A7000R, version 9.1.0u.6115_B20201022, with a stack/stack buffer overflow in the setOpModeCfg function. Multiple connected sources describe a vulnerability where input length is not properly validated, enabling an attacker to potentially execute arbitrar...

9.8CVSS9.5AI score0.0011EPSS
Exploits1References1Affected Software1
Prion
Prionadded 2023/10/31 2:15 p.m.13 views

Stack overflow

TOTOLINK LR1200GB V9.1.0u.6619B20230130 was discovered to contain a stack overflow via the password parameter in the function loginAuth...

7.5CVSS9.7AI score0.11134EPSS
Exploits1References1Affected Software1
Cvelist
Cvelistadded 2023/10/31 12:0 a.m.17 views

CVE-2023-46977

TOTOLINK LR1200GB V9.1.0u.6619B20230130 was discovered to contain a stack overflow via the password parameter in the function loginAuth...

10AI score0.11134EPSS
Exploits1References1
CVE
CVEadded 2023/10/31 12:0 a.m.43 views

CVE-2023-46977

The CVE-2023-46977 entry affects TOTOLINK LR1200GB version 9.1.0u.6619_B20230130, where a stack overflow is triggered by the password parameter in the loginAuth function. Multiple sources corroborate a boundary/stack overflow that could allow remote execution of code or cause a denial of service....

9.8CVSS9.7AI score0.11134EPSS
Exploits1References1Affected Software1
CVE
CVEadded 2023/10/16 12:0 a.m.42 views

CVE-2023-36340

TOTOLINK NR1800X firmware version V9.1.0u.6279_B20210910 (and prior) contains a stack overflow in the loginAuth function triggered via the http_host parameter. CVSS 3.1: 9.8 (CRITICAL) with network exploitation, no user interaction; impacts confidentiality, integrity, and availability. No patch/r...

9.8CVSS9.6AI score0.0021EPSS
Exploits1References1Affected Software1
Vulnrichment
Vulnrichmentadded 2023/10/16 12:0 a.m.12 views

CVE-2023-36340

TOTOLINK NR1800X V9.1.0u.6279B20210910 was discovered to contain a stack overflow via the httphost parameter in the function loginAuth...

7.8AI score0.0021EPSS
Exploits1References1
Cvelist
Cvelistadded 2023/05/31 12:0 a.m.16 views

CVE-2023-33487

TOTOLINK X5000R V9.1.0u.6118B20201102 and V9.1.0u.6369B20230113 contains a command insertion vulnerability in setDiagnosisCfg.This vulnerability allows an attacker to execute arbitrary commands through the "ip" parameter...

10AI score0.01557EPSS
Exploits1References1
NVD
NVDadded 2023/05/05 2:15 p.m.20 views

CVE-2023-30013

TOTOLINK X5000R V9.1.0u.6118B20201102 and V9.1.0u.6369B20230113 contain a command insertion vulnerability in setting/setTracerouteCfg. This vulnerability allows an attacker to execute arbitrary commands through the "command" parameter...

9.8CVSS9.8AI score0.92398EPSS
Exploits4References2
CVE
CVEadded 2023/05/05 12:0 a.m.98 views

CVE-2023-30013

The connected sources confirm a command-injection vulnerability in TOTOLINK X5000R firmware versions 9.1.0u.6118_B20201102 and 9.1.0u.6369_B20230113, specifically in the setting/setTracerouteCfg endpoint, allowing unauthenticated remote execution of arbitrary OS commands via the command parameter...

9.8CVSS9.7AI score0.92398EPSS
Exploits4References2Affected Software1
OSV
OSVadded 2022/11/23 4:15 p.m.1 views

CVE-2022-44251

TOTOLINK NR1800X V9.1.0u.6279B20210910 contains a command injection via the ussd parameter in the setUssd function...

9.8CVSS5.8AI score
Exploits0References1
Prion
Prionadded 2022/11/23 4:15 p.m.18 views

Command injection

TOTOLINK NR1800X V9.1.0u.6279B20210910 contains a command injection via the ussd parameter in the setUssd function...

7.5CVSS9.7AI score0.1447EPSS
Exploits1References1Affected Software1
Cvelist
Cvelistadded 2022/11/23 12:0 a.m.19 views

CVE-2022-44251

TOTOLINK NR1800X V9.1.0u.6279B20210910 contains a command injection via the ussd parameter in the setUssd function...

9.9AI score0.1447EPSS
Exploits1References1
Rows per page
Query Builder