CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 1CVE-2023-52028
https://notcve.org/view.php?id=CVE-2023-52028
TOTOlink A3700R v9.1.2u.5822_B20200513 was discovered to contain a remote command execution (RCE) vulnerability via the setTracerouteCfg function. Se descubrió que TOTOlink A3700R v9.1.2u.5822_B20200513 contiene una vulnerabilidad de ejecución remota de comandos (RCE) a través de la función setTracerouteCfg. • https://815yang.github.io/2023/12/04/a3700r/TOTOlink%20A3700R_setTracerouteCfg •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 1CVE-2023-52029
https://notcve.org/view.php?id=CVE-2023-52029
TOTOlink A3700R v9.1.2u.5822_B20200513 was discovered to contain a remote command execution (RCE) vulnerability via the setDiagnosisCfg function. Se descubrió que TOTOlink A3700R v9.1.2u.5822_B20200513 contiene una vulnerabilidad de ejecución remota de comandos (RCE) a través de la función setDiagnosisCfg. • https://815yang.github.io/2023/12/04/a3700r/TOTOlink%20A3700R%28setDiagnosisCfg%29 •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 1CVE-2023-52027
https://notcve.org/view.php?id=CVE-2023-52027
TOTOlink A3700R v9.1.2u.5822_B20200513 was discovered to contain a remote command execution (RCE) vulnerability via the NTPSyncWithHost function. Se descubrió que TOTOlink A3700R v9.1.2u.5822_B20200513 contiene una vulnerabilidad de ejecución remota de comandos (RCE) a través de la función NTPSyncWithHost. • https://815yang.github.io/2023/12/23/a3700r/TOTOLINKA3700R_NTPSyncWithHost • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 1CVE-2023-50147
https://notcve.org/view.php?id=CVE-2023-50147
There is an arbitrary command execution vulnerability in the setDiagnosisCfg function of the cstecgi .cgi of the TOTOlink A3700R router device in its firmware version V9.1.2u.5822_B20200513. Existe una vulnerabilidad de ejecución de comando arbitrario en la función setDiagnosisCfg del cstecgi .cgi del dispositivo enrutador TOTOlink A3700R en su versión de firmware V9.1.2u.5822_B20200513. • https://815yang.github.io/2023/12/04/a3700r/TOTOlink%20A3700R%28setDiagnosisCfg%29 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 1CVE-2023-48192
https://notcve.org/view.php?id=CVE-2023-48192
An issue in TOTOlink A3700R v.9.1.2u.6134_B20201202 allows a local attacker to execute arbitrary code via the setTracerouteCfg function. Un problema en TOTOlink A3700R v.9.1.2u.6134_B20201202 permite a un atacante local ejecutar código arbitrario a través de la función setTracerouteCfg. • http://totolink.com https://github.com/zxsssd/TotoLink- https://www.totolink.net • CWE-94: Improper Control of Generation of Code ('Code Injection') •