This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
[CVE ID] | |
CVE-2024-41320 | |
[PRODUCT] | |
TOTOLINK A6000R | |
[VERSION] | |
V1.0.1-B20201211.2000 | |
[PROBLEM TYPE] | |
command injection | |
[DESCRIPTION] | |
TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection vulnerability via the ifname parameter in the get_apcli_conn_info function. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
[CVE ID] | |
CVE-2024-41319 | |
[PRODUCT] | |
TOTOLINK A6000R | |
[VERSION] | |
V1.0.1-B20201211.2000 | |
[PROBLEM TYPE] | |
command injection | |
[DESCRIPTION] | |
TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection vulnerability via the cmd parameter in the webcmd function. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
[CVE ID] | |
CVE-2024-41318 | |
[PRODUCT] | |
TOTOLINK A6000R | |
[VERSION] | |
V1.0.1-B20201211.2000 | |
[PROBLEM TYPE] | |
command injection | |
[DESCRIPTION] | |
TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection vulnerability via the ifname parameter in the apcli_wps_gen_pincode function. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
[CVE ID] | |
CVE-2024-41317 | |
[PRODUCT] | |
TOTOLINK A6000R | |
[VERSION] | |
V1.0.1-B20201211.2000 | |
[PROBLEM TYPE] | |
command injection | |
[DESCRIPTION] | |
TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection vulnerability via the ifname parameter in the apcli_do_enr_pbc_wps function. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
[CVE ID] | |
CVE-2024-41316 | |
[PRODUCT] | |
TOTOLINK A6000R | |
[VERSION] | |
V1.0.1-B20201211.2000 | |
[PROBLEM TYPE] | |
command injection | |
[DESCRIPTION] | |
TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection vulnerability via the ifname parameter in the apcli_cancel_wps function. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
[CVE ID] | |
CVE-2024-41315 | |
[PRODUCT] | |
TOTOLINK A6000R | |
[VERSION] | |
V1.0.1-B20201211.2000 | |
[PROBLEM TYPE] | |
command injection | |
[DESCRIPTION] | |
TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection vulnerability via the ifname parameter in the apcli_do_enr_pin_wps function. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
[CVE ID] | |
CVE-2024-41314 | |
[PRODUCT] | |
TOTOLINK A6000R | |
[VERSION] | |
V1.0.1-B20201211.2000 | |
[PROBLEM TYPE] | |
command injection | |
[DESCRIPTION] | |
TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection vulnerability via the iface parameter in the vif_disable function. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
[CVE ID] | |
CVE-2024-39209 | |
[PRODUCT] | |
luci-app-sms-tool | |
[VERSION] | |
<= 1.9-6 | |
[PROBLEM TYPE] | |
command injection | |
[DESCRIPTION] | |
luci-app-sms-tool v1.9-6 was discovered to contain a command injection vulnerability via the score parameter. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
[CVE ID] | |
CVE-2024-39208 | |
[PRODUCT] | |
luci-app-lucky | |
[VERSION] | |
<= 2.8.3 | |
[PROBLEM TYPE] | |
Unauthorized access | |
[DESCRIPTION] | |
luci-app-lucky v2.8.3 was discovered to contain hardcoded credentials. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
[CVE ID] | |
CVE-2024-39207 | |
[PRODUCT] | |
lua-shmem | |
[VERSION] | |
<= 1.0-1 | |
[PROBLEM TYPE] | |
buffer overflow | |
[DESCRIPTION] | |
lua-shmem v1.0-1 was discovered to contain a buffer overflow via the shmem_write function. |