3 matches found
The vulnerability of the sub_410C80() function in the cstecgi.cgi script of the TOTOLINK X18 router’s microprogramming system, which allows a hacker to execute arbitrary commands.
The vulnerability of the sub410C80 function in the cstecgi.cgi script of the TOTOLINK X18 router’s microprogramming system is related to the lack of data cleaning measures at the control level when processing the mtkhnatEnable parameter. Exploiting this vulnerability allows an attacker to execute...
The vulnerability of the setL2tpdConfig function (cgi-bin/cstecgi.cgi) in the TOTOLINK X18 router microprogramming software, which allows a hacker to execute arbitrary commands.
The vulnerability of the setL2tpdConfig function cgi-bin/cstecgi.cgi in the TOTOLINK X18 router microprogramming software exists because measures to neutralize special elements during the processing of the enable parameter are not taken. Exploiting this vulnerability allows a remote attacker to...
CVE-2025-1339
A vulnerability was found in TOTOLINK X18 9.1.0cu.2024B20220329. It has been rated as critical. This issue affects the function setL2tpdConfig of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument enable leads to os command injection. The attack may be initiated remotely. The exploit...