CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

47 matches found

RedhatCVE•added 2026/01/31 9:13 p.m.•9 views

CVE-2026-1723

Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability in TOTOLINK X6000R allows OS Command Injection.This issue affects X6000R: through V9.4.0cu.1498B20250826...

9.2CVSS5.9AI score0.00901EPSS

Exploits0References1

NVD•added 2026/01/30 9:15 p.m.•3 views

CVE-2026-1723

9.2CVSS0.00901EPSS

Exploits0References2

EUVD•added 2026/01/30 8:52 p.m.•4 views

EUVD-2026-5005

9.2CVSS5.9AI score0.00901EPSS

Exploits0References2

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2025-31048

Malicious code in bioql PyPI...

7.3CVSS6.6AI score0.0088EPSS

Exploits0References3

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2025-31165

Malicious code in bioql PyPI...

9.3CVSS6.6AI score0.01331EPSS

Exploits0References3

EUVD•added 2025/10/03 8:7 p.m.•4 views

EUVD-2025-31021

Malicious code in bioql PyPI...

9.3CVSS6.6AI score0.13164EPSS

Exploits0References3

Vulnrichment•added 2025/09/25 8:17 p.m.•3 views

CVE-2025-11005 TOTOLINK X6000R Unauthenticated Command Injection Vulnerability

9.3CVSS6.7AI score0.01331EPSS

Exploits0References2

RedhatCVE•added 2025/09/25 6:55 p.m.•4 views

CVE-2025-52907

Improper Input Validation vulnerability in TOTOLINK X6000R allows Command Injection, File Manipulation.This issue affects X6000R: through V9.4.0cu.1360B20241207...

7.3CVSS7AI score0.0088EPSS

Exploits0References1

CVE•added 2025/09/24 6:12 p.m.•13 views

CVE-2025-52907

CVE-2025-52907 concerns TOTOLINK X6000R, a Wi‑Fi 6 router. The connected sources describe an improper input validation vulnerability in the device’s software stack that can enable command injection and file manipulation. The affected release range is X6000R through version V9.4.0cu.1360_B20241207...

8.8CVSS6.6AI score0.0088EPSS

Exploits0References2Affected Software1

Cvelist•added 2025/09/24 6:12 p.m.•3 views

CVE-2025-52907 TOTOLINK X6000R Security Bypass Vulnerability

Improper Input Validation vulnerability in TOTOLINK X6000R allows Command Injection, File Manipulation.This issue affects X6000R: through V9.4.0cu.1360B20241207...

7.3CVSS0.0088EPSS

Exploits0References2

CVE•added 2025/09/24 5:44 p.m.•25 views

CVE-2025-52906

Summary (grounded in provided documents): TOTOLINK X6000R firmware versions up to and including V9.4.0cu.1360_B20241207 are affected by an OS Command Injection caused by improper neutralization of special elements in OS commands. This vulnerability could allow an attacker to execute arbitrary com...

9.8CVSS6.7AI score0.13164EPSS

Exploits0References2Affected Software1

OSV•added 2025/09/23 6:15 p.m.•1 views

CVE-2025-52905

Improper Input Validation vulnerability in TOTOLINK X6000R allows Flooding.This issue affects X6000R: through V9.4.0cu.1360B20241207...

7.5CVSS5.8AI score0.07597EPSS

Exploits0References2

RedhatCVE•added 2025/05/23 1:53 a.m.•7 views

CVE-2023-46409

TOTOLINK X6000R v9.4.0cu.652B20230116 was discovered to contain a command execution vulnerability via the sub 41CC04 function...

9.8CVSS7.6AI score0.01391EPSS

Exploits1References1

CNNVD•added 2024/03/10 12:0 a.m.•3 views

TOTOLINK X6000R 操作系统命令注入漏洞

TOTOLINK X6000R is a wireless router from China's Gion Electronics TOTOLINK. The TOTOLINK X6000R version 9.4.0cu.85220230719 suffers from an operating system command injection vulnerability that originates from a security issue in the setDiagnosisCfg function in /cgi-bin/cstecgi.cgi in the...

9CVSS7.4AI score0.03952EPSS

Exploits2References4

ATTACKERKB•added 2024/01/24 6:15 p.m.•2 views

CVE-2023-52040

An issue discovered in TOTOLINK X6000R v9.4.0cu.852B20230719 allows attackers to run arbitrary commands via the sub41284C function...

9.8CVSS5.9AI score0.00852EPSS

Exploits1References2

Positive Technologies•added 2024/01/24 12:0 a.m.•3 views

PT-2024-14369 · Totolink · Totolink X6000R

Name of the Vulnerable Software and Affected Versions: TOTOLINK X6000R version 9.4.0cu.852 B20230719 Description: An issue in TOTOLINK X6000R allows attackers to run arbitrary commands via the sub 41284C function. Recommendations: For TOTOLINK X6000R version 9.4.0cu.852 B20230719, consider...

9.8CVSS7.6AI score0.00852EPSS

Exploits1References5

Positive Technologies•added 2024/01/16 12:0 a.m.•4 views

PT-2024-14371 · Totolink · Totolink X6000R

Name of the Vulnerable Software and Affected Versions: TOTOLINK X6000R version 9.4.0cu.852 B20230719 Description: An issue discovered in the sub 4117F8 function allows attackers to run arbitrary commands via the lang parameter. Recommendations: For TOTOLINK X6000R version 9.4.0cu.852 B20230719,...

9.8CVSS7.3AI score0.00949EPSS

Exploits1References5

OSV•added 2023/12/30 5:15 p.m.•2 views

CVE-2023-50651

TOTOLINK X6000R v9.4.0cu.852B20230719 was discovered to contain a remote command execution RCE vulnerability via the component /cgi-bin/cstecgi.cgi...

9.8CVSS5.9AI score0.01689EPSS

Exploits1References2

CNNVD•added 2023/12/30 12:0 a.m.•4 views

TOTOLINK X6000R 安全漏洞

TOTOLINK X6000R is a wireless router from China's Gion Electronics TOTOLINK. A command execution vulnerability exists in TOTOLINK X6000R version v9.4.0cu.852B20230719, which stems from the component /cgi-bin/cstecgi.cgi failing to correctly filter constructed command special characters, commands,...

9.8CVSS7.3AI score0.01689EPSS

Exploits1References3

ATTACKERKB•added 2023/12/04 1:15 p.m.•2 views

CVE-2023-48799

TOTOLINK-X6000R Firmware-V9.4.0cu.852B20230719 is vulnerable to Command Execution...

9.8CVSS7.3AI score0.01434EPSS

Exploits1References3

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by