CVSS: 9.8EPSS: 0%CPEs: 3EXPL: 1CVE-2023-43453
https://notcve.org/view.php?id=CVE-2023-43453
An issue in TOTOLINK X6000R V9.4.0cu.652_B20230116 and V9.4.0cu.852_B20230719 allows a remote attacker to execute arbitrary code via the IP parameter of the setDiagnosisCfg component. Un problema en TOTOLINK X6000R V9.4.0cu.652_B20230116 y V9.4.0cu.852_B20230719 permite a un atacante remoto ejecutar código arbitrario a través del parámetro IP del componente setDiagnosisCfg. • https://github.com/tharsis1024/vuln/blob/main/TOTOLINK/X6000R/2.md • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 9.8EPSS: 0%CPEs: 3EXPL: 1CVE-2023-43454
https://notcve.org/view.php?id=CVE-2023-43454
An issue in TOTOLINK X6000R V9.4.0cu.652_B20230116 and V9.4.0cu.852_B20230719 allows a remote attacker to execute arbitrary code via the hostName parameter of the switchOpMode component. Un problema en TOTOLINK X6000R V9.4.0cu.652_B20230116 y V9.4.0cu.852_B20230719 permite a un atacante remoto ejecutar código arbitrario a través del parámetro hostName del componente switchOpMode. • https://github.com/tharsis1024/vuln/blob/main/TOTOLINK/X6000R/1.md • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 9.8EPSS: 0%CPEs: 3EXPL: 1CVE-2023-43455
https://notcve.org/view.php?id=CVE-2023-43455
An issue in TOTOLINK X6000R V9.4.0cu.652_B20230116 and V9.4.0cu.852_B20230719 allows a remote attacker to execute arbitrary code via the command parameter of the setting/setTracerouteCfg component. Un problema en TOTOLINK X6000R V9.4.0cu.652_B20230116 y V9.4.0cu.852_B20230719 permite a un atacante remoto ejecutar código arbitrario a través del parámetro de comando del componente setTracerouteCfg. • https://github.com/tharsis1024/vuln/blob/main/TOTOLINK/X6000R/3.md • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 9.8EPSS: 1%CPEs: 2EXPL: 1CVE-2023-46414
https://notcve.org/view.php?id=CVE-2023-46414
TOTOLINK X6000R v9.4.0cu.652_B20230116 was discovered to contain a remote command execution (RCE) vulnerability via the sub_ 41D494 function. Se descubrió que TOTOLINK X6000R v9.4.0cu.652_B20230116 contiene una vulnerabilidad de ejecución remota de comandos (RCE) a través de la función sub_41D494. • https://github.com/XYIYM/Digging/blob/main/TOTOLINK/X6000R/14/1.md https://www.totolink.cn/index.php/home/menu/detail.html?menu_listtpl=download&id=88&ids=36 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 9.8EPSS: 1%CPEs: 2EXPL: 1CVE-2023-46420
https://notcve.org/view.php?id=CVE-2023-46420
TOTOLINK X6000R v9.4.0cu.652_B20230116 was discovered to contain a remote command execution (RCE) vulnerability via the sub_41590C function. Se descubrió que TOTOLINK X6000R v9.4.0cu.652_B20230116 contiene una vulnerabilidad de ejecución remota de comandos (RCE) a través de la función sub_41590C. • https://github.com/XYIYM/Digging/blob/main/TOTOLINK/X6000R/5/1.md https://www.totolink.cn/index.php/home/menu/detail.html?menu_listtpl=download&id=88&ids=36 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •