Search Results (363281 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2023-51025 1 Totolink 2 Ex1800t, Ex1800t Firmware 2024-11-21 8.8 High
TOTOlink EX1800T V9.1.0cu.2112_B20220316 is vulnerable to an unauthorized arbitrary command execution in the ‘admuser’ parameter of the setPasswordCfg interface of the cstecgi .cgi.
CVE-2023-51024 1 Totolink 2 Ex1800t, Ex1800t Firmware 2024-11-21 9.8 Critical
TOTOlink EX1800T v9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command execution in the ‘tz’ parameter of the setNtpCfg interface of the cstecgi .cgi.
CVE-2023-51023 1 Totolink 2 Ex1800t, Ex1800t Firmware 2024-11-21 9.8 Critical
TOTOlink EX1800T v9.1.0cu.2112_B20220316 is vulnerable to arbitrary command execution in the ‘host_time’ parameter of the NTPSyncWithHost interface of the cstecgi .cgi.
CVE-2023-51022 1 Totolink 2 Ex1800t, Ex1800t Firmware 2024-11-21 9.8 Critical
TOTOlink EX1800T v9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command execution in the ‘langFlag’ parameter of the setLanguageCfg interface of the cstecgi .cgi.
CVE-2023-51021 1 Totolink 2 Ex1800t, Ex1800t Firmware 2024-11-21 9.8 Critical
TOTOlink EX1800T v9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command execution in the ‘merge’ parameter of the setRptWizardCfg interface of the cstecgi .cgi.
CVE-2023-51019 1 Totolink 2 Ex1800t, Ex1800t Firmware 2024-11-21 9.8 Critical
TOTOlink EX1800T v9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command execution in the ‘key5g’ parameter of the setWiFiExtenderConfig interface of the cstecgi .cgi.
CVE-2023-51017 1 Totolink 2 Ex1800t, Ex1800t Firmware 2024-11-21 9.8 Critical
TOTOlink EX1800T v9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command execution in the lanIp parameter’ of the setLanConfig interface of the cstecgi .cgi.
CVE-2023-51016 1 Totolink 2 Ex1800t, Ex1800t Firmware 2024-11-21 9.8 Critical
TOTOlink EX1800T v9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command execution in the setRebootScheCfg interface of the cstecgi .cgi.
CVE-2023-51015 1 Totolink 2 Ex1800t, Ex1800t Firmware 2024-11-21 9.8 Critical
TOTOLINX EX1800T v9.1.0cu.2112_B20220316 is vulnerable to arbitrary command execution in the ‘enable parameter’ of the setDmzCfg interface of the cstecgi .cgi
CVE-2023-51014 1 Totolink 2 Ex1800t, Ex1800t Firmware 2024-11-21 8.8 High
TOTOLINK EX1800T V9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command execution in the lanSecDns parameter’ of the setLanConfig interface of the cstecgi .cgi
CVE-2023-51013 1 Totolink 2 Ex1800t, Ex1800t Firmware 2024-11-21 9.8 Critical
TOTOlink EX1800T v9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command execution in the lanNetmask parameter’ of the setLanConfig interface of the cstecgi .cgi.
CVE-2023-51012 1 Totolink 2 Ex1800t, Ex1800t Firmware 2024-11-21 9.8 Critical
TOTOlink EX1800T v9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command execution in the lanGateway parameter’ of the setLanConfig interface of the cstecgi .cgi.
CVE-2023-51011 1 Totolink 2 Ex1800t, Ex1800t Firmware 2024-11-21 9.8 Critical
TOTOlink EX1800T v9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command execution in the lanPriDns parameter’ of the setLanConfig interface of the cstecgi .cgi
CVE-2023-51010 1 Qd-metro 1 Qingdao Metro 2024-11-21 5.3 Medium
An issue in the export component AdSdkH5Activity of com.sdjictec.qdmetro v4.2.2 allows attackers to open a crafted URL without any filtering or checking.
CVE-2023-51006 1 Zhwnl 1 Chinese Perpetual Calendar 2024-11-21 7.5 High
An issue in the openFile method of Chinese Perpetual Calendar v9.0.0 allows attackers to read any file via unspecified vectors.
CVE-2023-50993 1 Ruijie 4 Rg-ws6008, Rg-ws6008 Firmware, Rg-ws6108 and 1 more 2024-11-21 9.8 Critical
Ruijie WS6008 v1.x v2.x AC_RGOS11.9(6)W3B2_G2C6-01_10221911 and WS6108 v1.x AC_RGOS11.9(6)W3B2_G2C6-01_10221911 was discovered to contain a command injection vulnerability via the function downFiles.
CVE-2023-50992 1 Tenda 2 I29, I29 Firmware 2024-11-21 9.8 Critical
Tenda i29 v1.0 V1.0.0.5 was discovered to contain a stack overflow via the ip parameter in the setPing function.
CVE-2023-50990 1 Tenda 2 I29, I29 Firmware 2024-11-21 9.8 Critical
Tenda i29 v1.0 V1.0.0.5 was discovered to contain a buffer overflow via the rebootTime parameter in the sysScheduleRebootSet function.
CVE-2023-50988 1 Tenda 2 I29, I29 Firmware 2024-11-21 9.8 Critical
Tenda i29 v1.0 V1.0.0.5 was discovered to contain a buffer overflow via the bandwidth parameter in the wifiRadioSetIndoor function.
CVE-2023-50987 1 Tenda 2 I29, I29 Firmware 2024-11-21 9.8 Critical
Tenda i29 v1.0 V1.0.0.5 was discovered to contain a buffer overflow via the time parameter in the sysTimeInfoSet function.