Kazamayc/vuln

Releases0

Stars3

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2023-33485 ↗	May 31, 2023Wednesday, 31 May 2023, 13:15	8.8 HIGH	—
TOTOLINK X5000R V9.1.0u.6118_B20201102 and V9.1.0u.6369_B20230113 contains a post-authentication buffer overflow via parameter sPort/ePort in the addEffect function.
CVE-2023-33486 ↗	May 31, 2023Wednesday, 31 May 2023, 13:15	9.8 CRITICAL	—
TOTOLINK X5000R V9.1.0u.6118_B20201102 and V9.1.0u.6369_B20230113 contain a command insertion vulnerability in setOpModeCfg. This vulnerability allows an attacker to execute arbitrary commands through the "hostName" parameter.
CVE-2023-33487 ↗	May 31, 2023Wednesday, 31 May 2023, 13:15	9.8 CRITICAL	—
TOTOLINK X5000R V9.1.0u.6118_B20201102 and V9.1.0u.6369_B20230113 contains a command insertion vulnerability in setDiagnosisCfg.This vulnerability allows an attacker to execute arbitrary commands through the "ip" parameter.
CVE-2023-30013 ↗	May 5, 2023Friday, 5 May 2023, 14:15	9.8 CRITICAL	—
TOTOLINK X5000R V9.1.0u.6118_B20201102 and V9.1.0u.6369_B20230113 contain a command insertion vulnerability in setting/setTracerouteCfg. This vulnerability allows an attacker to execute arbitrary commands through the "command" parameter.