6 matches found
PT-2025-1232 · Totolink · Totolink X5000R
Name of the Vulnerable Software and Affected Versions: TOTOLINK X5000R version 9.1.0cu.2350 B20230313 Description: The issue is related to an OS command injection vulnerability. This vulnerability can be exploited via the limit parameter in the setVpnAccountCfg function. The vulnerability allows ...
PT-2024-30122 · Totolink · Totolink X5000R
Name of the Vulnerable Software and Affected Versions: TOTOLINK X5000r version 9.1.0cu.2350 b20230313 Description: The issue is related to an OS command injection vulnerability in the setL2tpServerCfg function within the /cgi-bin/cstecgi.cgi file. Authenticated attackers can exploit this by sendi...
PT-2024-24527 · Totolink · Totolink X5000R
Name of the Vulnerable Software and Affected Versions: TOTOLINK X5000R version 9.1.0cu.2350 B20230313 Description: The issue is an authenticated remote command execution vulnerability. It can be exploited via the ipsecPsk parameter in the "cstecgi.cgi" binary. Recommendations: For TOTOLINK X5000R...
CVE-2024-34921
TOTOLINK X5000R v9.1.0cu.2350B20230313 was discovered to contain a command injection via the disconnectVPN function...
PT-2024-24532 · Totolink · Totolink X5000R
Name of the Vulnerable Software and Affected Versions: TOTOLINK X5000R version 9.1.0cu.2350 B20230313 Description: A command injection issue was found, related to the setSSServer function, specifically via the password parameter. Recommendations: For TOTOLINK X5000R version 9.1.0cu.2350 B20230313...
PT-2023-4213 · Totolink · Totolink X5000R
Name of the Vulnerable Software and Affected Versions: TOTOLINK X5000R version 9.1.0cu.2350 B20230313 Description: The issue is related to a command injection vulnerability via the setWanCfg function. This vulnerability is associated with a lack of input data sanitization measures in the TOTOLINK...