CVSS: 9.8EPSS: 4%CPEs: 2EXPL: 1CVE-2024-24331
https://notcve.org/view.php?id=CVE-2024-24331
TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection vulnerability via the enable parameter in the setWiFiScheduleCfg function. Se descubrió que TOTOLINK A3300R V17.0.0cu.557_B20221024 contiene una vulnerabilidad de inyección de comandos a través del parámetro enable en la función setWiFiScheduleCfg. • https://github.com/funny-mud-peee/IoT-vuls/blob/main/TOTOLINK%20A3300R/13/TOTOlink%20A3300R%20setWiFiScheduleCfg.md • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 9.8EPSS: 4%CPEs: 2EXPL: 1CVE-2024-24325
https://notcve.org/view.php?id=CVE-2024-24325
TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection vulnerability via the enable parameter in the setParentalRules function. Se descubrió que TOTOLINK A3300R V17.0.0cu.557_B20221024 contiene una vulnerabilidad de inyección de comandos a través del parámetro enable en la función setParentalRules. • https://github.com/funny-mud-peee/IoT-vuls/blob/main/TOTOLINK%20A3300R/11/TOTOlink%20A3300R%20setParentalRules.md • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 9.8EPSS: 12%CPEs: 2EXPL: 1CVE-2024-24324
https://notcve.org/view.php?id=CVE-2024-24324
TOTOLINK A8000RU v7.1cu.643_B20200521 was discovered to contain a hardcoded password for root stored in /etc/shadow. Se descubrió que TOTOLINK A8000RU v7.1cu.643_B20200521 contenía una contraseña codificada para root almacenada en /etc/shadow. • https://github.com/funny-mud-peee/IoT-vuls/blob/main/TOTOLINK%20A8000RU/TOTOlink%20A8000RU%20hard%20code.md • CWE-798: Use of Hard-coded Credentials •
CVSS: 9.8EPSS: 4%CPEs: 2EXPL: 1CVE-2024-24329
https://notcve.org/view.php?id=CVE-2024-24329
TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection vulnerability via the enable parameter in the setPortForwardRules function. Se descubrió que TOTOLINK A3300R V17.0.0cu.557_B20221024 contiene una vulnerabilidad de inyección de comandos a través del parámetro enable en la función setPortForwardRules. • https://github.com/funny-mud-peee/IoT-vuls/blob/main/TOTOLINK%20A3300R/10/TOTOlink%20A3300R%20setPortForwardRules.md • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 9.8EPSS: 4%CPEs: 2EXPL: 1CVE-2024-24330
https://notcve.org/view.php?id=CVE-2024-24330
TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection vulnerability via the port or enable parameter in the setRemoteCfg function. Se descubrió que TOTOLINK A3300R V17.0.0cu.557_B20221024 contiene una vulnerabilidad de inyección de comando a través de los parámetros port o enable en la función setRemoteCfg. • https://github.com/funny-mud-peee/IoT-vuls/blob/main/TOTOLINK%20A3300R/14/TOTOlink%20A3300R%20setRemoteCfg.md • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •