XYIYM/Digging

GitHub

github.com

Unavailable

This project is no longer available (or publicly accessible) from GitHub

Releases0

Stars5

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2023-51136 ↗	Dec 30, 2023Saturday, 30 December 2023, 16:15	9.8 CRITICAL	—
TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formRebootSchedule.
CVE-2023-51135 ↗	Dec 30, 2023Saturday, 30 December 2023, 16:15	9.8 CRITICAL	—
TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formPasswordSetup.
CVE-2023-51133 ↗	Dec 30, 2023Saturday, 30 December 2023, 16:15	9.8 CRITICAL	—
TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formRoute.
CVE-2023-47005 ↗	Nov 9, 2023Thursday, 9 November 2023, 01:15	—	—
Rejected reason: DO NOT USE THIS CVE RECORD. ConsultIDs: none. Reason: This record was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.
CVE-2023-47008 ↗	Nov 9, 2023Thursday, 9 November 2023, 01:15	—	—
Rejected reason: DO NOT USE THIS CVE RECORD. ConsultIDs: none. Reason: This record was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.
CVE-2023-47007 ↗	Nov 9, 2023Thursday, 9 November 2023, 01:15	—	—
Rejected reason: DO NOT USE THIS CVE RECORD. ConsultIDs: none. Reason: This record was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.
CVE-2023-47006 ↗	Nov 9, 2023Thursday, 9 November 2023, 01:15	—	—
Rejected reason: DO NOT USE THIS CVE RECORD. ConsultIDs: none. Reason: This record was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.
CVE-2023-46408 ↗	Oct 25, 2023Wednesday, 25 October 2023, 20:15	9.8 CRITICAL	—
TOTOLINK X6000R v9.4.0cu.652_B20230116 was discovered to contain a command execution vulnerability via the sub_ The 41DD80 function.
CVE-2023-46424 ↗	Oct 25, 2023Wednesday, 25 October 2023, 20:15	9.8 CRITICAL	—
TOTOLINK X6000R v9.4.0cu.652_B20230116 was discovered to contain a remote command execution (RCE) vulnerability via the sub_422BD4 function.
CVE-2023-46423 ↗	Oct 25, 2023Wednesday, 25 October 2023, 20:15	9.8 CRITICAL	—
TOTOLINK X6000R v9.4.0cu.652_B20230116 was discovered to contain a remote command execution (RCE) vulnerability via the sub_417094 function.
CVE-2023-46422 ↗	Oct 25, 2023Wednesday, 25 October 2023, 20:15	9.8 CRITICAL	—
TOTOLINK X6000R v9.4.0cu.652_B20230116 was discovered to contain a remote command execution (RCE) vulnerability via the sub_411994 function.
CVE-2023-46421 ↗	Oct 25, 2023Wednesday, 25 October 2023, 20:15	9.8 CRITICAL	—
TOTOLINK X6000R v9.4.0cu.652_B20230116 was discovered to contain a remote command execution (RCE) vulnerability via the sub_411D00 function.
CVE-2023-46420 ↗	Oct 25, 2023Wednesday, 25 October 2023, 20:15	9.8 CRITICAL	—
TOTOLINK X6000R v9.4.0cu.652_B20230116 was discovered to contain a remote command execution (RCE) vulnerability via the sub_41590C function.
CVE-2023-46409 ↗	Oct 25, 2023Wednesday, 25 October 2023, 20:15	9.8 CRITICAL	—
TOTOLINK X6000R v9.4.0cu.652_B20230116 was discovered to contain a command execution vulnerability via the sub_ 41CC04 function.
CVE-2023-46410 ↗	Oct 25, 2023Wednesday, 25 October 2023, 20:15	9.8 CRITICAL	—
TOTOLINK X6000R v9.4.0cu.652_B20230116 was discovered to contain a command execution vulnerability via the sub_ The 416F60 function.
CVE-2023-46411 ↗	Oct 25, 2023Wednesday, 25 October 2023, 20:15	9.8 CRITICAL	—
TOTOLINK X6000R v9.4.0cu.652_B20230116 was discovered to contain a command execution vulnerability via the sub_415258 function.
CVE-2023-46412 ↗	Oct 25, 2023Wednesday, 25 October 2023, 20:15	9.8 CRITICAL	—
TOTOLINK X6000R v9.4.0cu.652_B20230116 was discovered to contain a command execution vulnerability via the sub_41D998 function.
CVE-2023-46413 ↗	Oct 25, 2023Wednesday, 25 October 2023, 20:15	9.8 CRITICAL	—
TOTOLINK X6000R v9.4.0cu.652_B20230116 was discovered to contain a command execution vulnerability via the sub_4155DC function.
CVE-2023-46414 ↗	Oct 25, 2023Wednesday, 25 October 2023, 20:15	9.8 CRITICAL	—
TOTOLINK X6000R v9.4.0cu.652_B20230116 was discovered to contain a remote command execution (RCE) vulnerability via the sub_ 41D494 function.
CVE-2023-46415 ↗	Oct 25, 2023Wednesday, 25 October 2023, 20:15	9.8 CRITICAL	—
TOTOLINK X6000R v9.4.0cu.652_B20230116 was discovered to contain a remote command execution (RCE) vulnerability via the sub_41E588 function.
CVE-2023-46416 ↗	Oct 25, 2023Wednesday, 25 October 2023, 20:15	9.8 CRITICAL	—
TOTOLINK X6000R v9.4.0cu.652_B20230116 was discovered to contain a remote command execution (RCE) vulnerability via the sub_ The 41A414 function.
CVE-2023-46417 ↗	Oct 25, 2023Wednesday, 25 October 2023, 20:15	9.8 CRITICAL	—
TOTOLINK X6000R v9.4.0cu.652_B20230116 was discovered to contain a remote command execution (RCE) vulnerability via the sub_415498 function.
CVE-2023-46418 ↗	Oct 25, 2023Wednesday, 25 October 2023, 20:15	9.8 CRITICAL	—
TOTOLINK X6000R v9.4.0cu.652_B20230116 was discovered to contain a remote command execution (RCE) vulnerability via the sub_412688 function.
CVE-2023-46419 ↗	Oct 25, 2023Wednesday, 25 October 2023, 20:15	9.8 CRITICAL	—
TOTOLINK X6000R v9.4.0cu.652_B20230116 was discovered to contain a remote command execution (RCE) vulnerability via the sub_415730 function.
CVE-2023-46551 ↗	Oct 25, 2023Wednesday, 25 October 2023, 18:17	9.8 CRITICAL	—
TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formReflashClientTbl.
CVE-2023-46548 ↗	Oct 25, 2023Wednesday, 25 October 2023, 18:17	9.8 CRITICAL	—
TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formWlanRedirect.
CVE-2023-46564 ↗	Oct 25, 2023Wednesday, 25 October 2023, 18:17	9.8 CRITICAL	—
TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formDMZ.
CVE-2023-46563 ↗	Oct 25, 2023Wednesday, 25 October 2023, 18:17	9.8 CRITICAL	—
TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formIpQoS.
CVE-2023-46562 ↗	Oct 25, 2023Wednesday, 25 October 2023, 18:17	9.8 CRITICAL	—
TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formDosCfg.
CVE-2023-46560 ↗	Oct 25, 2023Wednesday, 25 October 2023, 18:17	9.8 CRITICAL	—
TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formTcpipSetup.
CVE-2023-46559 ↗	Oct 25, 2023Wednesday, 25 October 2023, 18:17	9.8 CRITICAL	—
TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formIPv6Addr.
CVE-2023-46558 ↗	Oct 25, 2023Wednesday, 25 October 2023, 18:17	9.8 CRITICAL	—
TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formMapDelDevice.
CVE-2023-46557 ↗	Oct 25, 2023Wednesday, 25 October 2023, 18:17	9.8 CRITICAL	—
TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formMultiAPVLAN.
CVE-2023-46556 ↗	Oct 25, 2023Wednesday, 25 October 2023, 18:17	9.8 CRITICAL	—
TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formFilter.
CVE-2023-46555 ↗	Oct 25, 2023Wednesday, 25 October 2023, 18:17	9.8 CRITICAL	—
TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formPortFw.
CVE-2023-46554 ↗	Oct 25, 2023Wednesday, 25 October 2023, 18:17	9.8 CRITICAL	—
TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formMapDel.
CVE-2023-46553 ↗	Oct 25, 2023Wednesday, 25 October 2023, 18:17	9.8 CRITICAL	—
TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formParentControl.
CVE-2023-46552 ↗	Oct 25, 2023Wednesday, 25 October 2023, 18:17	9.8 CRITICAL	—
TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formMultiAP.
CVE-2023-46550 ↗	Oct 25, 2023Wednesday, 25 October 2023, 18:17	9.8 CRITICAL	—
TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formMapDelDevice.
CVE-2023-46549 ↗	Oct 25, 2023Wednesday, 25 October 2023, 18:17	9.8 CRITICAL	—
TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formSetLg.
CVE-2023-46534 ↗	Oct 25, 2023Wednesday, 25 October 2023, 18:17	9.8 CRITICAL	—
TP-LINK TL-WR886N V7.0_3.0.14_Build_221115_Rel.56908n.bin was discovered to contain a stack overflow via the function modifyAccPwdRegister.
CVE-2023-46526 ↗	Oct 25, 2023Wednesday, 25 October 2023, 18:17	9.8 CRITICAL	—
TP-LINK TL-WR886N V7.0_3.0.14_Build_221115_Rel.56908n.bin was discovered to contain a stack overflow via the function resetCloudPwdRegister.
CVE-2023-46539 ↗	Oct 25, 2023Wednesday, 25 October 2023, 18:17	9.8 CRITICAL	—
TP-LINK TL-WR886N V7.0_3.0.14_Build_221115_Rel.56908n.bin was discovered to contain a stack overflow via the function registerRequestHandle.
CVE-2023-46540 ↗	Oct 25, 2023Wednesday, 25 October 2023, 18:17	9.8 CRITICAL	—
TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formNtp.
CVE-2023-46541 ↗	Oct 25, 2023Wednesday, 25 October 2023, 18:17	9.8 CRITICAL	—
TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formIpv6Setup.
CVE-2023-46542 ↗	Oct 25, 2023Wednesday, 25 October 2023, 18:17	9.8 CRITICAL	—
TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formMeshUploadConfig.
CVE-2023-46543 ↗	Oct 25, 2023Wednesday, 25 October 2023, 18:17	9.8 CRITICAL	—
TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formWlSiteSurvey.
CVE-2023-46544 ↗	Oct 25, 2023Wednesday, 25 October 2023, 18:17	9.8 CRITICAL	—
TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formWirelessTbl.
CVE-2023-46545 ↗	Oct 25, 2023Wednesday, 25 October 2023, 18:17	9.8 CRITICAL	—
TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formWsc.
CVE-2023-46546 ↗	Oct 25, 2023Wednesday, 25 October 2023, 18:17	9.8 CRITICAL	—
TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formStats.
CVE-2023-46547 ↗	Oct 25, 2023Wednesday, 25 October 2023, 18:17	9.8 CRITICAL	—
TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formSysLog.
CVE-2023-46537 ↗	Oct 25, 2023Wednesday, 25 October 2023, 18:17	9.8 CRITICAL	—
TP-LINK TL-WR886N V7.0_3.0.14_Build_221115_Rel.56908n.bin was discovered to contain a stack overflow via the function getRegVeriRegister.
CVE-2023-46536 ↗	Oct 25, 2023Wednesday, 25 October 2023, 18:17	9.8 CRITICAL	—
TP-LINK TL-WR886N V7.0_3.0.14_Build_221115_Rel.56908n.bin was discovered to contain a stack overflow via the function chkRegVeriRegister.
CVE-2023-46535 ↗	Oct 25, 2023Wednesday, 25 October 2023, 18:17	9.8 CRITICAL	—
TP-LINK TL-WR886N V7.0_3.0.14_Build_221115_Rel.56908n.bin was discovered to contain a stack overflow via the function getResetVeriRegister.
CVE-2023-46518 ↗	Oct 25, 2023Wednesday, 25 October 2023, 18:17	9.8 CRITICAL	—
Mercury A15 V1.0 20230818_1.0.3 was discovered to contain a command execution vulnerability via the component cloudDeviceTokenSuccCB.
CVE-2023-46520 ↗	Oct 25, 2023Wednesday, 25 October 2023, 18:17	9.8 CRITICAL	—
TP-LINK TL-WR886N V7.0_3.0.14_Build_221115_Rel.56908n.bin was discovered to contain a stack overflow via the function uninstallPluginReqHandle.
CVE-2023-46527 ↗	Oct 25, 2023Wednesday, 25 October 2023, 18:17	9.8 CRITICAL	—
TP-LINK TL-WR886N V7.0_3.0.14_Build_221115_Rel.56908n.bin and TL-WDR7660 2.0.30 was discovered to contain a stack overflow via the function bindRequestHandle.
CVE-2023-46538 ↗	Oct 25, 2023Wednesday, 25 October 2023, 18:17	9.8 CRITICAL	—
TP-LINK TL-WR886N V7.0_3.0.14_Build_221115_Rel.56908n.bin was discovered to contain a stack overflow via the function chkResetVeriRegister.
CVE-2023-46525 ↗	Oct 25, 2023Wednesday, 25 October 2023, 18:17	9.8 CRITICAL	—
TP-LINK TL-WR886N V7.0_3.0.14_Build_221115_Rel.56908n.bin was discovered to contain a stack overflow via the function loginRegister.
CVE-2023-46523 ↗	Oct 25, 2023Wednesday, 25 October 2023, 18:17	9.8 CRITICAL	—
TP-LINK TL-WR886N V7.0_3.0.14_Build_221115_Rel.56908n.bin was discovered to contain a stack overflow via the function upgradeInfoRegister.
CVE-2023-46522 ↗	Oct 25, 2023Wednesday, 25 October 2023, 18:17	9.8 CRITICAL	—
TP-LINK device TL-WR886N V7.0_3.0.14_Build_221115_Rel.56908n.bin and TL-WDR7660 2.0.30 were discovered to contain a stack overflow via the function deviceInfoRegister.
CVE-2023-46521 ↗	Oct 25, 2023Wednesday, 25 October 2023, 18:17	9.8 CRITICAL	—
TP-LINK TL-WR886N V7.0_3.0.14_Build_221115_Rel.56908n.bin was discovered to contain a stack overflow via the function RegisterRegister.
CVE-2023-40848 ↗	Aug 30, 2023Wednesday, 30 August 2023, 17:15	9.8 CRITICAL	—
Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Buffer Overflow via the function "sub_7D858."
CVE-2023-40837 ↗	Aug 30, 2023Wednesday, 30 August 2023, 17:15	9.8 CRITICAL	—
Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin function 'sub_ADD50' contains a command execution vulnerability. In the "formSetIptv" function, obtaining the "list" and "vlanId" fields, unfiltered passing these two fields as parameters to the "sub_ADD50" function to execute commands.
CVE-2023-40845 ↗	Aug 30, 2023Wednesday, 30 August 2023, 17:15	9.8 CRITICAL	—
Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Buffer Overflow via function 'sub_34FD0.' In the function, it reads user provided parameters and passes variables to the function without any length checks.
CVE-2023-40847 ↗	Aug 30, 2023Wednesday, 30 August 2023, 17:15	9.8 CRITICAL	—
Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Buffer Overflow via the function "initIpAddrInfo." In the function, it reads in a user-provided parameter, and the variable is passed to the function without any length check.
CVE-2023-40844 ↗	Aug 30, 2023Wednesday, 30 August 2023, 17:15	9.8 CRITICAL	—
Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Buffer Overflow via function 'formWifiBasicSet.'
CVE-2023-40843 ↗	Aug 30, 2023Wednesday, 30 August 2023, 17:15	9.8 CRITICAL	—
Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Buffer Overflow via function "sub_73004."
CVE-2023-40842 ↗	Aug 30, 2023Wednesday, 30 August 2023, 17:15	9.8 CRITICAL	—
Tengda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Buffer Overflow via function "R7WebsSecurityHandler."
CVE-2023-40841 ↗	Aug 30, 2023Wednesday, 30 August 2023, 17:15	9.8 CRITICAL	—
Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Buffer Overflow via function "add_white_node,"
CVE-2023-40840 ↗	Aug 30, 2023Wednesday, 30 August 2023, 17:15	9.8 CRITICAL	—
Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Buffer Overflow via function "fromGetWirelessRepeat."
CVE-2023-40839 ↗	Aug 30, 2023Wednesday, 30 August 2023, 17:15	9.8 CRITICAL	—
Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin function 'sub_ADF3C' contains a command execution vulnerability. In the "formSetIptv" function, obtaining the "list" and "vlanId" fields, unfiltered passing these two fields as parameters to the "sub_ADF3C" function to execute commands.
CVE-2023-40838 ↗	Aug 30, 2023Wednesday, 30 August 2023, 17:15	9.8 CRITICAL	—
Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin function 'sub_3A1D0' contains a command execution vulnerability.
CVE-2023-40846 ↗	Aug 28, 2023Monday, 28 August 2023, 14:15	9.8 CRITICAL	—
Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Buffer Overflow via function sub_90998.