
7 matches found

Vulnrichment
added 2026/05/04 1:15 a.m., 2 views

CVE-2026-7718 Totolink WA300 POST Request cstecgi.cgi setWebWlanIdx command injection

A vulnerability was identified in Totolink WA300 5.2cu.7112B20190227. Impacted is the function setWebWlanIdx of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. The manipulation of the argument webWlanIdx leads to command injection. The attack may be initiated remotely. The...

CVSS: 6.5 | AI score: 6.5 | EPSS: 0.0375
Exploits: 0 | References: 5
CVE
added 2026/04/13 3:30 a.m., 8 views

CVE-2026-6156

Totolink A7100RU (firmware 7.4cu.2313_b20191024) is affected via CGI Handler’s setIpQosRules function in /cgi-bin/cstecgi.cgi. Manipulating the Comment argument enables os command injection with remote exploitation reported. Public exploits exist. Affected product details and impact are corrobora...

CVSS: 10 | AI score: 6.9 | EPSS: 0.01221
Exploits: 0 | References: 5
Cvelist
added 2026/03/20 7:2 p.m., 21 views

CVE-2026-4497 Totolink WA300 cstecgi.cgi recvUpgradeNewFw os command injection

A vulnerability was determined in Totolink WA300 5.2cu.7112B20190227. Affected by this issue is the function recvUpgradeNewFw of the file /cgi-bin/cstecgi.cgi. This manipulation causes os command injection. Remote exploitation of the attack is possible. The exploit has been publicly disclosed and...

CVSS: 7.5 | EPSS: 0.00767
Exploits: 1 | References: 6
CVE
added 2025/08/19 12:0 a.m., 13 views

CVE-2025-51539

EzGED3 3.5.0 contains an unauthenticated arbitrary file read vulnerability in a web‑exposed script. A remote attacker can supply a crafted path parameter to read arbitrary files from the filesystem via directory traversal (e.g., ../../../), without authentication or proper path handling. Potentia...

CVSS: 5.3 | AI score: 7.6 | EPSS: 0.0015
Exploits: 1 | References: 1 | Affected Software: 1
CNNVD
added 2025/06/09 12:0 a.m., 1 views

TOTOLINK T10 security vulnerability

The TOTOLINK T10 is a wireless router manufactured by TOTOLINK. A buffer overflow vulnerability exists in TOTOLINK T10 version 4.1.8cu.5207, which affects the function setWiFiMeshName in the /cgi-bin/cstecgi.cgi file of the component's POST request handler. An attacker can exploit the vulnerabilit...

CVSS: 9 | AI score: 7.4 | EPSS: 0.01422
Exploits: 1 | References: 2
CNVD
added 2024/01/24 12:0 a.m., 1 views

TOTOLINK LR1200GB setTracerouteCfg function stack buffer overflow vulnerability

The TOTOLINK LR1200GB is a wireless dual-band 4G LTE router from China's Gion Electronics TOTOLINK that supports 2.4GHz and 5GHz dual-band networks, and is primarily used to provide mobile broadband connectivity and Wi-Fi coverage. The TOTOLINK LR1200GB suffers from a stack buffer overflow...

CVSS: 9.8 | AI score: 8.2 | EPSS: 0.00398
Exploits: 0 | References: 1
OSV
added 2023/08/31 10:15 a.m., 0 views

CVE-2023-41740

Improper limitation of a pathname to a restricted directory 'Path Traversal' vulnerability in cgi component in Synology Router Manager SRM before 1.3.1-9346-6 allows remote attackers to read specific files via unspecified vectors...

CVSS: 5.3 | AI score: 5.8
Exploits: 0 | References: 1