6 matches found
PT-2026-28742
Name of the Vulnerable Software and Affected Versions Totolink NR1800X version 9.1.0u.6279 B20210910 Description A command injection issue exists in the Telnet Service component of Totolink NR1800X. The issue is located in the NTPSyncWithHost function within the /cgi-bin/cstecgi.cgi file...
PT-2022-27149 · Totolink · Totolink Nr1800X
Name of the Vulnerable Software and Affected Versions: TOTOLINK NR1800X version 9.1.0u.6279 B20210910 Description: The issue concerns a command injection via the hostName parameter in the setOpModeCfg function. This allows for potential exploitation. No information is provided about the estimated...
CVE-2022-41527
TOTOLINK NR1800X V9.1.0u.6279B20210910 was discovered to contain an authenticated stack overflow via the pppoeUser parameter in the setOpModeCfg function...
CVE-2022-41525
TOTOLINK NR1800X V9.1.0u.6279B20210910 was discovered to contain a command injection vulnerability via the OpModeCfg function at /cgi-bin/cstecgi.cgi...
CVE-2022-41522
TOTOLINK NR1800X V9.1.0u.6279B20210910 was discovered to contain an unauthenticated stack overflow via the "main" function...
PT-2022-25905 · Totolink · Totolink Nr1800X
Name of the Vulnerable Software and Affected Versions: TOTOLINK NR1800X version 9.1.0u.6279 B20210910 Description: A command injection issue was found via the UploadFirmwareFile function at the "/cgi-bin/cstecgi.cgi" API endpoint. Recommendations: For TOTOLINK NR1800X version 9.1.0u.6279 B2021091...