CVSS: 9.8EPSS: 0%CPEs: 4EXPL: 1CVE-2023-45984
https://notcve.org/view.php?id=CVE-2023-45984
TOTOLINK X5000R V9.1.0u.6118_B20201102 and TOTOLINK A7000R V9.1.0u.6115_B20201022 was discovered to contain a stack overflow via the lang parameter in the function setLanguageCfg. Se descubrió que TOTOLINK X5000R V9.1.0u.6118_B20201102 y TOTOLINK A7000R V9.1.0u.6115_B20201022 contenían un desbordamiento de pila a través del parámetro lang en la función setLanguageCfg. • https://github.com/Archerber/bug_submit/blob/main/TOTOLINK/setLanguageCfg.md • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 0%CPEs: 4EXPL: 1CVE-2023-36947
https://notcve.org/view.php?id=CVE-2023-36947
TOTOLINK X5000R V9.1.0u.6118_B20201102 and TOTOLINK A7000R V9.1.0u.6115_B20201022 was discovered to contain a stack overflow via the File parameter in the function UploadCustomModule. Se descubrió que TOTOLINK X5000R V9.1.0u.6118_B20201102 y TOTOLINK A7000R V9.1.0u.6115_B20201022 contenían un desbordamiento de pila a través del parámetro File en la función UploadCustomModule. • https://github.com/Archerber/bug_submit/blob/main/TOTOLINK/UploadCustomModule.md • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 0%CPEs: 4EXPL: 1CVE-2023-36950
https://notcve.org/view.php?id=CVE-2023-36950
TOTOLINK X5000R V9.1.0u.6118_B20201102 and TOTOLINK A7000R V9.1.0u.6115_B20201022 was discovered to contain a stack overflow via the http_host parameter in the function loginAuth. Se descubrió que TOTOLINK X5000R V9.1.0u.6118_B20201102 y TOTOLINK A7000R V9.1.0u.6115_B20201022 contenían un desbordamiento de pila a través del parámetro http_host en la función loginAuth. • https://github.com/Archerber/bug_submit/blob/main/TOTOLINK/loginauth.md • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 1CVE-2023-45985
https://notcve.org/view.php?id=CVE-2023-45985
TOTOLINK X5000R V9.1.0u.6118_B20201102 and TOTOLINK A7000R V9.1.0u.6115_B20201022 were discovered to contain a stack overflow in the function setParentalRules. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request. Se descubrió que TOTOLINK X5000R V9.1.0u.6118_B20201102 y TOTOLINK A7000R V9.1.0u.6115_B20201022 contenían un desbordamiento de pila en la función setParentalRules. Esta vulnerabilidad permite a los atacantes provocar una Denegación de Servicio (DoS) mediante una solicitud POST manipulada. • https://github.com/Archerber/bug_submit/blob/main/TOTOLINK/setParentalRules.md • CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 1%CPEs: 4EXPL: 1CVE-2023-33487
https://notcve.org/view.php?id=CVE-2023-33487
TOTOLINK X5000R V9.1.0u.6118_B20201102 and V9.1.0u.6369_B20230113 contains a command insertion vulnerability in setDiagnosisCfg.This vulnerability allows an attacker to execute arbitrary commands through the "ip" parameter. • https://github.com/Kazamayc/vuln/tree/main/TOTOLINK/X5000R/4 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •