CVSS: 10.0EPSS: 2%CPEs: 2EXPL: 1CVE-2023-51020
https://notcve.org/view.php?id=CVE-2023-51020
22 Dec 2023 — TOTOlink EX1800T v9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command execution in the ‘langType’ parameter of the setLanguageCfg interface of the cstecgi .cgi. TOTOlink EX1800T v9.1.0cu.2112_B20220316 es vulnerable a la ejecución de comandos arbitrarios no autorizados en el parámetro 'langType' de la interfaz setLanguageCfg de cstecgi .cgi. • https://815yang.github.io/2023/12/11/EX1800T/2/TOTOlinkEX1800T_V9.1.0cu.2112_B20220316setLanguageCfg-langType •
CVSS: 10.0EPSS: 2%CPEs: 2EXPL: 1CVE-2023-51021
https://notcve.org/view.php?id=CVE-2023-51021
22 Dec 2023 — TOTOlink EX1800T v9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command execution in the ‘merge’ parameter of the setRptWizardCfg interface of the cstecgi .cgi. TOTOlink EX1800T v9.1.0cu.2112_B20220316 es vulnerable a la ejecución de comandos arbitrarios no autorizados en el parámetro 'merge' de la interfaz setRptWizardCfg de cstecgi .cgi. • https://815yang.github.io/2023/12/11/EX1800T/2/TOTOlinkEX1800T_V9.1.0cu.2112_B20220316setRptWizardCfg-merge •
CVSS: 10.0EPSS: 2%CPEs: 2EXPL: 1CVE-2023-51022
https://notcve.org/view.php?id=CVE-2023-51022
22 Dec 2023 — TOTOlink EX1800T v9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command execution in the ‘langFlag’ parameter of the setLanguageCfg interface of the cstecgi .cgi. TOTOlink EX1800T v9.1.0cu.2112_B20220316 es vulnerable a la ejecución de comandos arbitrarios no autorizados en el parámetro 'langFlag' de la interfaz setLanguageCfg de cstecgi .cgi. • https://815yang.github.io/2023/12/11/EX1800T/2/3/TOTOlinkEX1800T_V9.1.0cu.2112_B20220316setLanguageCfg-langFlag •
CVSS: 10.0EPSS: 2%CPEs: 2EXPL: 1CVE-2023-51023
https://notcve.org/view.php?id=CVE-2023-51023
22 Dec 2023 — TOTOlink EX1800T v9.1.0cu.2112_B20220316 is vulnerable to arbitrary command execution in the ‘host_time’ parameter of the NTPSyncWithHost interface of the cstecgi .cgi. TOTOlink EX1800T v9.1.0cu.2112_B20220316 es vulnerable a la ejecución de comandos arbitrarios en el parámetro 'host_time' de la interfaz NTPSyncWithHost del cstecgi .cgi. • https://815yang.github.io/2023/12/11/EX1800T/2/TOTOlinkEX1800T_V9.1.0cu.2112_B2022031NTPSyncWithHost-host_time •
CVSS: 10.0EPSS: 2%CPEs: 2EXPL: 1CVE-2023-51024
https://notcve.org/view.php?id=CVE-2023-51024
22 Dec 2023 — TOTOlink EX1800T v9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command execution in the ‘tz’ parameter of the setNtpCfg interface of the cstecgi .cgi. TOTOlink EX1800T v9.1.0cu.2112_B20220316 es vulnerable a la ejecución de comandos arbitrarios no autorizados en el parámetro 'tz' de la interfaz setNtpCfg del cstecgi .cgi. • https://815yang.github.io/2023/12/11/EX1800T/2/TOTOlinkEX1800T_V9.1.0cu.2112_B2022031setNtpCfg-tz •
CVSS: 10.0EPSS: 2%CPEs: 2EXPL: 1CVE-2023-51025
https://notcve.org/view.php?id=CVE-2023-51025
22 Dec 2023 — TOTOlink EX1800T V9.1.0cu.2112_B20220316 is vulnerable to an unauthorized arbitrary command execution in the ‘admuser’ parameter of the setPasswordCfg interface of the cstecgi .cgi. TOTOlink EX1800T V9.1.0cu.2112_B20220316 es vulnerable a la ejecución de un comando arbitrario no autorizado en el parámetro 'admuser' de la interfaz setPasswordCfg del cstecgi .cgi. • https://815yang.github.io/2023/12/11/EX1800T/2/TOTOlinkEX1800T_V9.1.0cu.2112_B20220316setPasswordCfg-admuser • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 10.0EPSS: 2%CPEs: 2EXPL: 1CVE-2023-51026
https://notcve.org/view.php?id=CVE-2023-51026
22 Dec 2023 — TOTOlink EX1800T V9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command execution in the ‘hour’ parameter of the setRebootScheCfg interface of the cstecgi .cgi. TOTOlink EX1800T V9.1.0cu.2112_B20220316 es vulnerable a la ejecución de comandos arbitrarios no autorizados en el parámetro 'hour' de la interfaz setRebootScheCfg de cstecgi .cgi. • https://815yang.github.io/2023/12/11/EX1800T/2/TOTOlinkEX1800T_V9.1.0cu.2112_B2022031setRebootScheCfg-hour • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 10.0EPSS: 2%CPEs: 2EXPL: 1CVE-2023-51027
https://notcve.org/view.php?id=CVE-2023-51027
22 Dec 2023 — TOTOlink EX1800T V9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command execution in the ‘apcliAuthMode’ parameter of the setWiFiExtenderConfig interface of the cstecgi .cgi. TOTOlink EX1800T V9.1.0cu.2112_B20220316 es vulnerable a la ejecución de comandos arbitrarios no autorizados en el parámetro 'apcliAuthMode' de la interfaz setWiFiExtenderConfig de cstecgi .cgi. • https://815yang.github.io/2023/12/11/EX1800T/2/3/TOTOlinkEX1800T_V9.1.0cu.2112_B20220316setWiFiExtenderConfig-apcliAuthMode •
CVSS: 10.0EPSS: 1%CPEs: 2EXPL: 1CVE-2023-51028
https://notcve.org/view.php?id=CVE-2023-51028
22 Dec 2023 — TOTOLINK EX1800T 9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command execution in the apcliChannel parameter of the setWiFiExtenderConfig interface of the cstecgi.cgi. TOTOLINK EX1800T 9.1.0cu.2112_B20220316 es vulnerable a la ejecución de comandos arbitrarios no autorizados en el parámetro apcliChannel de la interfaz setWiFiExtenderConfig de cstecgi.cgi. • https://815yang.github.io/2023/12/11/EX1800T/2/3/TOTOlinkEX1800T_V9.1.0cu.2112_B20220316setWiFiExtenderConfig-apcliChannel • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •