CVSS: 8.8EPSS: %CPEs: -EXPL: 0CVE-2024-32352
https://notcve.org/view.php?id=CVE-2024-32352
TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain an authenticated remote command execution (RCE) vulnerability via the "ipsecL2tpEnable" parameter in the "cstecgi.cgi" binary. Se descubrió que TOTOLINK X5000R V9.1.0cu.2350_B20230313 contiene una vulnerabilidad de ejecución remota de comandos (RCE) autenticada a través del parámetro "ipsecL2tpEnable" en el binario "cstecgi.cgi". • https://github.com/1s1and123/Vulnerabilities/blob/main/device/ToToLink/X5000R/TOTOLink_X5000R_RCE.md https://www.totolink.net • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 8.8EPSS: %CPEs: -EXPL: 0CVE-2024-32351
https://notcve.org/view.php?id=CVE-2024-32351
TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain an authenticated remote command execution (RCE) vulnerability via the "mru" parameter in the "cstecgi.cgi" binary. Se descubrió que TOTOLINK X5000R V9.1.0cu.2350_B20230313 contiene una vulnerabilidad de ejecución remota de comandos (RCE) autenticada a través del parámetro "mru" en el binario "cstecgi.cgi". • https://github.com/1s1and123/Vulnerabilities/blob/main/device/ToToLink/X5000R/TOTOLink_X5000R_RCE.md https://www.totolink.net • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 8.8EPSS: %CPEs: -EXPL: 0CVE-2024-32350
https://notcve.org/view.php?id=CVE-2024-32350
TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain an authenticated remote command execution (RCE) vulnerability via the "ipsecPsk" parameter in the "cstecgi.cgi" binary. Se descubrió que TOTOLINK X5000R V9.1.0cu.2350_B20230313 contiene una vulnerabilidad de ejecución remota de comandos (RCE) autenticada a través del parámetro "ipsecPsk" en el binario "cstecgi.cgi". • https://github.com/1s1and123/Vulnerabilities/blob/main/device/ToToLink/X5000R/TOTOLink_X5000R_RCE.md https://www.totolink.net • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 6.0EPSS: %CPEs: -EXPL: 0CVE-2024-32349
https://notcve.org/view.php?id=CVE-2024-32349
TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain an authenticated remote command execution (RCE) vulnerability via the "mtu" parameters in the "cstecgi.cgi" binary. Se descubrió que TOTOLINK X5000R V9.1.0cu.2350_B20230313 contiene una vulnerabilidad de ejecución remota de comandos (RCE) autenticada a través de los parámetros "mtu" en el binario "cstecgi.cgi". • https://github.com/1s1and123/Vulnerabilities/blob/main/device/ToToLink/X5000R/TOTOLink_X5000R_RCE.md https://www.totolink.net • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: -EPSS: %CPEs: -EXPL: 0CVE-2024-26367
https://notcve.org/view.php?id=CVE-2024-26367
Cross Site Scripting vulnerability in Evertz microsystems MViP-II Firmware 8.6.5, XPS-EDGE-* Build 1467, evEDGE-EO-* Build 0029, MMA10G-* Build 0498, 570IPG-X19-10G Build 0691 allows a remote attacker to execute arbitrary code via a crafted payload to the login parameters. • http://cc.com http://evertz.com https://wiki.notveg.ninja/blog/CVE-2024-26367 •