Lucene search
K

3 matches found

BDU FSTEC
BDU FSTEC
added 2025/03/27 12:0 a.m.6 views

The vulnerability of the sub_410C80() function in the cstecgi.cgi script of the TOTOLINK X18 router’s microprogramming system, which allows a hacker to execute arbitrary commands.

The vulnerability of the sub410C80 function in the cstecgi.cgi script of the TOTOLINK X18 router’s microprogramming system is related to the lack of data cleaning measures at the control level when processing the mtkhnatEnable parameter. Exploiting this vulnerability allows an attacker to execute...

6.5CVSS6.9AI score0.11413EPSS
Exploits1References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/02/18 12:0 a.m.6 views

The vulnerability of the setL2tpdConfig function (cgi-bin/cstecgi.cgi) in the TOTOLINK X18 router microprogramming software, which allows a hacker to execute arbitrary commands.

The vulnerability of the setL2tpdConfig function cgi-bin/cstecgi.cgi in the TOTOLINK X18 router microprogramming software exists because measures to neutralize special elements during the processing of the enable parameter are not taken. Exploiting this vulnerability allows a remote attacker to...

6.5CVSS6.9AI score0.02672EPSS
Exploits0References6Affected Software1
OSV
OSV
added 2025/02/16 12:15 p.m.4 views

CVE-2025-1339

A vulnerability was found in TOTOLINK X18 9.1.0cu.2024B20220329. It has been rated as critical. This issue affects the function setL2tpdConfig of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument enable leads to os command injection. The attack may be initiated remotely. The exploit...

8.8CVSS6.3AI score0.02672EPSS
Exploits0References5
Rows per page
Query Builder