CVE-2023-51024
https://notcve.org/view.php?id=CVE-2023-51024
TOTOlink EX1800T v9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command execution in the ‘tz’ parameter of the setNtpCfg interface of the cstecgi .cgi. TOTOlink EX1800T v9.1.0cu.2112_B20220316 es vulnerable a la ejecución de comandos arbitrarios no autorizados en el parámetro 'tz' de la interfaz setNtpCfg del cstecgi .cgi. • https://815yang.github.io/2023/12/11/EX1800T/2/TOTOlinkEX1800T_V9.1.0cu.2112_B2022031setNtpCfg-tz •
CVE-2023-51034
https://notcve.org/view.php?id=CVE-2023-51034
TOTOlink EX1200L V9.3.5u.6146_B20201023 is vulnerable to arbitrary command execution via the cstecgi.cgi UploadFirmwareFile interface. TOTOlink EX1200L V9.3.5u.6146_B20201023 es vulnerable a la ejecución de comandos arbitrarios a través de la interfaz cstecgi.cgi UploadFirmwareFile. • https://815yang.github.io/2023/12/12/ex1200l/totolink_ex1200L_UploadFirmwareFile • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVE-2023-51015
https://notcve.org/view.php?id=CVE-2023-51015
TOTOLINX EX1800T v9.1.0cu.2112_B20220316 is vulnerable to arbitrary command execution in the ‘enable parameter’ of the setDmzCfg interface of the cstecgi .cgi TOTOLINX EX1800T v9.1.0cu.2112_B20220316 es vulnerable a la ejecución de comandos arbitrarios en 'enable parameter' de la interfaz setDmzCfg del cstecgi .cgi • https://815yang.github.io/2023/12/11/EX1800T/TOTOlinkEX1800T_V9.1.0cu.2112_B2022031setDmzCfg • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVE-2023-51016
https://notcve.org/view.php?id=CVE-2023-51016
TOTOlink EX1800T v9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command execution in the setRebootScheCfg interface of the cstecgi .cgi. TOTOlink EX1800T v9.1.0cu.2112_B20220316 es vulnerable a la ejecución de comandos arbitrarios no autorizados en la interfaz setRebootScheCfg de cstecgi .cgi. • https://815yang.github.io/2023/12/10/EX1800T/TOTOlink%20EX1800T_V9.1.0cu.2112_B20220316%28setRebootScheCfg%29 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVE-2023-51012
https://notcve.org/view.php?id=CVE-2023-51012
TOTOlink EX1800T v9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command execution in the lanGateway parameter’ of the setLanConfig interface of the cstecgi .cgi. TOTOlink EX1800T v9.1.0cu.2112_B20220316 es vulnerable a la ejecución de comandos arbitrarios no autorizados en el parámetro lanGateway de la interfaz setLanConfig de cstecgi .cgi. • https://815yang.github.io/2023/12/11/EX1800T/TOTOlinkEX1800T_V9.1.0cu.2112_B2022031setLanConfig-lanGateway •