CVE-2024-42748
- EPSS 1.66%
- Veröffentlicht 12.08.2024 20:15:09
- Zuletzt bearbeitet 13.08.2024 17:08:53
In TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command injection vulnerability in setWiFiWpsCfg. Authenticated Attackers can send malicious packet to execute arbitrary commands.
CVE-2024-42747
- EPSS 1.05%
- Veröffentlicht 12.08.2024 20:15:09
- Zuletzt bearbeitet 13.08.2024 17:35:04
In TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command injection vulnerability in setWanIeCfg. Authenticated Attackers can send malicious packet to execute arbitrary commands.
CVE-2024-42745
- EPSS 1.66%
- Veröffentlicht 12.08.2024 20:15:09
- Zuletzt bearbeitet 13.08.2024 17:09:44
In TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command injection vulnerability in setUPnPCfg. Authenticated Attackers can send malicious packet to execute arbitrary commands.
CVE-2024-42744
- EPSS 1.66%
- Veröffentlicht 12.08.2024 20:15:09
- Zuletzt bearbeitet 15.08.2024 15:35:14
In TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command injection vulnerability in setModifyVpnUser. Authenticated Attackers can send malicious packet to execute arbitrary commands.
CVE-2024-42743
- EPSS 1.65%
- Veröffentlicht 12.08.2024 20:15:09
- Zuletzt bearbeitet 13.08.2024 19:35:12
In TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command injection vulnerability in setSyslogCfg . Authenticated Attackers can send malicious packet to execute arbitrary commands.
CVE-2024-42742
- EPSS 1.66%
- Veröffentlicht 12.08.2024 20:15:08
- Zuletzt bearbeitet 13.08.2024 20:35:14
In TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command injection vulnerability in setUrlFilterRules. Authenticated Attackers can send malicious packet to execute arbitrary commands.
CVE-2024-42741
- EPSS 1.17%
- Veröffentlicht 12.08.2024 20:15:08
- Zuletzt bearbeitet 13.08.2024 17:35:02
In TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command injection vulnerability in setL2tpServerCfg. Authenticated Attackers can send malicious packet to execute arbitrary commands.
- EPSS 1.83%
- Veröffentlicht 14.05.2024 16:17:03
- Zuletzt bearbeitet 04.04.2025 14:27:30
TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain a command injection vulnerability via the 'password' parameter in the setSSServer function.
- EPSS 1.03%
- Veröffentlicht 14.05.2024 16:17:03
- Zuletzt bearbeitet 04.04.2025 14:27:44
TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain a command injection vulnerability via the 'timeout' parameter in the setSSServer function at /cgi-bin/cstecgi.cgi.
CVE-2024-32353
- EPSS 2.09%
- Veröffentlicht 14.05.2024 16:17:03
- Zuletzt bearbeitet 04.04.2025 14:27:54
TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain a command injection vulnerability via the 'port' parameter in the setSSServer function at /cgi-bin/cstecgi.cgi.