Show filters
15 Total Results
Displaying 1-10 of 15
Sort by:
Attacker Value
Very High
CVE-2023-30013
Disclosure Date: May 05, 2023 (last updated October 08, 2023)
TOTOLINK X5000R V9.1.0u.6118_B20201102 and V9.1.0u.6369_B20230113 contain a command insertion vulnerability in setting/setTracerouteCfg. This vulnerability allows an attacker to execute arbitrary commands through the "command" parameter.
2
Attacker Value
Unknown
CVE-2024-42739
Disclosure Date: August 13, 2024 (last updated August 14, 2024)
In TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command injection vulnerability in setAccessDeviceCfg. Authenticated Attackers can send malicious packet to execute arbitrary commands.
0
Attacker Value
Unknown
CVE-2024-42738
Disclosure Date: August 13, 2024 (last updated August 14, 2024)
In TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command injection vulnerability in setDmzCfg. Authenticated Attackers can send malicious packet to execute arbitrary commands.
0
Attacker Value
Unknown
CVE-2024-42737
Disclosure Date: August 13, 2024 (last updated August 14, 2024)
In TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command injection vulnerability in delBlacklist. Authenticated Attackers can send malicious packet to execute arbitrary commands.
0
Attacker Value
Unknown
CVE-2024-42748
Disclosure Date: August 12, 2024 (last updated August 14, 2024)
In TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command injection vulnerability in setWiFiWpsCfg. Authenticated Attackers can send malicious packet to execute arbitrary commands.
0
Attacker Value
Unknown
CVE-2024-42747
Disclosure Date: August 12, 2024 (last updated August 14, 2024)
In TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command injection vulnerability in setWanIeCfg. Authenticated Attackers can send malicious packet to execute arbitrary commands.
0
Attacker Value
Unknown
CVE-2024-42745
Disclosure Date: August 12, 2024 (last updated August 14, 2024)
In TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command injection vulnerability in setUPnPCfg. Authenticated Attackers can send malicious packet to execute arbitrary commands.
0
Attacker Value
Unknown
CVE-2024-42744
Disclosure Date: August 12, 2024 (last updated August 14, 2024)
In TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command injection vulnerability in setModifyVpnUser. Authenticated Attackers can send malicious packet to execute arbitrary commands.
0
Attacker Value
Unknown
CVE-2024-42743
Disclosure Date: August 12, 2024 (last updated August 14, 2024)
In TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command injection vulnerability in setSyslogCfg . Authenticated Attackers can send malicious packet to execute arbitrary commands.
0
Attacker Value
Unknown
CVE-2024-42742
Disclosure Date: August 12, 2024 (last updated August 14, 2024)
In TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command injection vulnerability in setUrlFilterRules. Authenticated Attackers can send malicious packet to execute arbitrary commands.
0
