tharsis1024/vuln

Releases0

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2023-43453 ↗	Dec 1, 2023Friday, 1 December 2023, 02:15	9.8 CRITICAL	—
An issue in TOTOLINK X6000R V9.4.0cu.652_B20230116 and V9.4.0cu.852_B20230719 allows a remote attacker to execute arbitrary code via the IP parameter of the setDiagnosisCfg component.
CVE-2023-43454 ↗	Dec 1, 2023Friday, 1 December 2023, 02:15	9.8 CRITICAL	—
An issue in TOTOLINK X6000R V9.4.0cu.652_B20230116 and V9.4.0cu.852_B20230719 allows a remote attacker to execute arbitrary code via the hostName parameter of the switchOpMode component.
CVE-2023-43455 ↗	Dec 1, 2023Friday, 1 December 2023, 02:15	9.8 CRITICAL	—
An issue in TOTOLINK X6000R V9.4.0cu.652_B20230116 and V9.4.0cu.852_B20230719 allows a remote attacker to execute arbitrary code via the command parameter of the setting/setTracerouteCfg component.