CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 1CVE-2023-51026
https://notcve.org/view.php?id=CVE-2023-51026
TOTOlink EX1800T V9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command execution in the ‘hour’ parameter of the setRebootScheCfg interface of the cstecgi .cgi. TOTOlink EX1800T V9.1.0cu.2112_B20220316 es vulnerable a la ejecución de comandos arbitrarios no autorizados en el parámetro 'hour' de la interfaz setRebootScheCfg de cstecgi .cgi. • https://815yang.github.io/2023/12/11/EX1800T/2/TOTOlinkEX1800T_V9.1.0cu.2112_B2022031setRebootScheCfg-hour • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 1CVE-2023-51028
https://notcve.org/view.php?id=CVE-2023-51028
TOTOLINK EX1800T 9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command execution in the apcliChannel parameter of the setWiFiExtenderConfig interface of the cstecgi.cgi. TOTOLINK EX1800T 9.1.0cu.2112_B20220316 es vulnerable a la ejecución de comandos arbitrarios no autorizados en el parámetro apcliChannel de la interfaz setWiFiExtenderConfig de cstecgi.cgi. • https://815yang.github.io/2023/12/11/EX1800T/2/3/TOTOlinkEX1800T_V9.1.0cu.2112_B20220316setWiFiExtenderConfig-apcliChannel • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 1CVE-2023-51019
https://notcve.org/view.php?id=CVE-2023-51019
TOTOlink EX1800T v9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command execution in the ‘key5g’ parameter of the setWiFiExtenderConfig interface of the cstecgi .cgi. TOTOlink EX1800T v9.1.0cu.2112_B20220316 es vulnerable a la ejecución de comandos arbitrarios no autorizados en el parámetro 'key5g' de la interfaz setWiFiExtenderConfig de cstecgi .cgi. • https://815yang.github.io/2023/12/11/EX1800T/2/TOTOlinkEX1800T_V9.1.0cu.2112_B20220316setWiFiExtenderConfig-key5g •
CVSS: 9.8EPSS: 1%CPEs: 2EXPL: 1CVE-2023-51014
https://notcve.org/view.php?id=CVE-2023-51014
TOTOLINK EX1800T V9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command execution in the lanSecDns parameter’ of the setLanConfig interface of the cstecgi .cgi TOTOLINK EX1800T V9.1.0cu.2112_B20220316 es vulnerable a la ejecución de comandos arbitrarios no autorizados en el parámetro lanSecDns de la interfaz setLanConfig de cstecgi .cgi • https://815yang.github.io/2023/12/11/EX1800T/TOTOlinkEX1800T_V9.1.0cu.2112_B2022031setLanConfig_lanSecDns • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •