1s1and123/Vulnerabilities

1s1and123/Vulnerabilities

Releases0

Stars1

Some Vulnerability

Log in to subscribe

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2024-32352 ↗	May 14, 2024Tuesday, 14 May 2024, 16:17	8.8 HIGH	—
TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain an authenticated remote command execution (RCE) vulnerability via the "ipsecL2tpEnable" parameter in the "cstecgi.cgi" binary.
CVE-2024-32353 ↗	May 14, 2024Tuesday, 14 May 2024, 16:17	9.8 CRITICAL	—
TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain a command injection vulnerability via the 'port' parameter in the setSSServer function at /cgi-bin/cstecgi.cgi.
CVE-2024-32354 ↗	May 14, 2024Tuesday, 14 May 2024, 16:17	6 MEDIUM	—
TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain a command injection vulnerability via the 'timeout' parameter in the setSSServer function at /cgi-bin/cstecgi.cgi.
CVE-2024-32355 ↗	May 14, 2024Tuesday, 14 May 2024, 16:17	8 HIGH	—
TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain a command injection vulnerability via the 'password' parameter in the setSSServer function.
CVE-2024-32349 ↗	May 14, 2024Tuesday, 14 May 2024, 16:17	6 MEDIUM	—
TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain an authenticated remote command execution (RCE) vulnerability via the "mtu" parameters in the "cstecgi.cgi" binary.
CVE-2024-32350 ↗	May 14, 2024Tuesday, 14 May 2024, 16:17	8.8 HIGH	—
TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain an authenticated remote command execution (RCE) vulnerability via the "ipsecPsk" parameter in the "cstecgi.cgi" binary.
CVE-2024-32351 ↗	May 14, 2024Tuesday, 14 May 2024, 16:17	8.8 HIGH	—
TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain an authenticated remote command execution (RCE) vulnerability via the "mru" parameter in the "cstecgi.cgi" binary.