jiceylc/VulnerabilityProjectRecords

Releases0

Stars2

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2023-24159 ↗	Feb 14, 2023Tuesday, 14 February 2023, 15:15	9.8 CRITICAL	—
TOTOLINK CA300-PoE V6.2c.884 was discovered to contain a command injection vulnerability via the admpass parameter in the setPasswordCfg function.
CVE-2023-24160 ↗	Feb 14, 2023Tuesday, 14 February 2023, 15:15	9.8 CRITICAL	—
TOTOLINK CA300-PoE V6.2c.884 was discovered to contain a command injection vulnerability via the admuser parameter in the setPasswordCfg function.
CVE-2023-24161 ↗	Feb 14, 2023Tuesday, 14 February 2023, 15:15	9.8 CRITICAL	—
TOTOLINK CA300-PoE V6.2c.884 was discovered to contain a command injection vulnerability via the webWlanIdx parameter in the setWebWlanIdx function.
CVE-2022-45669 ↗	Dec 2, 2022Friday, 2 December 2022, 18:15	7.5 HIGH	—
Tenda i22 V1.0.0.3(4687) was discovered to contain a buffer overflow via the index parameter in the formWifiMacFilterGet function.
CVE-2022-45670 ↗	Dec 2, 2022Friday, 2 December 2022, 18:15	7.5 HIGH	—
Tenda i22 V1.0.0.3(4687) was discovered to contain a buffer overflow via the ping1 parameter in the formSetAutoPing function.
CVE-2022-45673 ↗	Dec 2, 2022Friday, 2 December 2022, 17:15	6.5 MEDIUM	—
Tenda AC6V1.0 V15.03.05.19 is vulnerable to Cross Site Request Forgery (CSRF) via function fromSysToolRestoreSet.
CVE-2022-45674 ↗	Dec 2, 2022Friday, 2 December 2022, 17:15	6.5 MEDIUM	—
Tenda AC6V1.0 V15.03.05.19 is vulnerable to Cross Site Request Forgery (CSRF) via function fromSysToolReboot.