CVSS: 10.0EPSS: 0%CPEs: 3EXPL: 1CVE-2023-43453
https://notcve.org/view.php?id=CVE-2023-43453
01 Dec 2023 — An issue in TOTOLINK X6000R V9.4.0cu.652_B20230116 and V9.4.0cu.852_B20230719 allows a remote attacker to execute arbitrary code via the IP parameter of the setDiagnosisCfg component. Un problema en TOTOLINK X6000R V9.4.0cu.652_B20230116 y V9.4.0cu.852_B20230719 permite a un atacante remoto ejecutar código arbitrario a través del parámetro IP del componente setDiagnosisCfg. • https://github.com/tharsis1024/vuln/blob/main/TOTOLINK/X6000R/2.md • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 10.0EPSS: 0%CPEs: 3EXPL: 1CVE-2023-43454
https://notcve.org/view.php?id=CVE-2023-43454
01 Dec 2023 — An issue in TOTOLINK X6000R V9.4.0cu.652_B20230116 and V9.4.0cu.852_B20230719 allows a remote attacker to execute arbitrary code via the hostName parameter of the switchOpMode component. Un problema en TOTOLINK X6000R V9.4.0cu.652_B20230116 y V9.4.0cu.852_B20230719 permite a un atacante remoto ejecutar código arbitrario a través del parámetro hostName del componente switchOpMode. • https://github.com/tharsis1024/vuln/blob/main/TOTOLINK/X6000R/1.md • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 10.0EPSS: 0%CPEs: 3EXPL: 1CVE-2023-43455
https://notcve.org/view.php?id=CVE-2023-43455
01 Dec 2023 — An issue in TOTOLINK X6000R V9.4.0cu.652_B20230116 and V9.4.0cu.852_B20230719 allows a remote attacker to execute arbitrary code via the command parameter of the setting/setTracerouteCfg component. Un problema en TOTOLINK X6000R V9.4.0cu.652_B20230116 y V9.4.0cu.852_B20230719 permite a un atacante remoto ejecutar código arbitrario a través del parámetro de comando del componente setTracerouteCfg. • https://github.com/tharsis1024/vuln/blob/main/TOTOLINK/X6000R/3.md • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 10.0EPSS: 1%CPEs: 2EXPL: 1CVE-2023-46408
https://notcve.org/view.php?id=CVE-2023-46408
25 Oct 2023 — TOTOLINK X6000R v9.4.0cu.652_B20230116 was discovered to contain a command execution vulnerability via the sub_ The 41DD80 function. Se descubrió que TOTOLINK X6000R v9.4.0cu.652_B20230116 contiene una vulnerabilidad de ejecución de comandos a través de la función sub_ The 41DD80. • https://github.com/XYIYM/Digging/blob/main/TOTOLINK/X6000R/16/1.md • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 10.0EPSS: 1%CPEs: 2EXPL: 1CVE-2023-46409
https://notcve.org/view.php?id=CVE-2023-46409
25 Oct 2023 — TOTOLINK X6000R v9.4.0cu.652_B20230116 was discovered to contain a command execution vulnerability via the sub_ 41CC04 function. Se descubrió que TOTOLINK X6000R v9.4.0cu.652_B20230116 contiene una vulnerabilidad de ejecución de comandos a través de la función sub_41CC04. • https://github.com/XYIYM/Digging/blob/main/TOTOLINK/X6000R/13/1.md • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 10.0EPSS: 1%CPEs: 2EXPL: 1CVE-2023-46410
https://notcve.org/view.php?id=CVE-2023-46410
25 Oct 2023 — TOTOLINK X6000R v9.4.0cu.652_B20230116 was discovered to contain a command execution vulnerability via the sub_ The 416F60 function. Se descubrió que TOTOLINK X6000R v9.4.0cu.652_B20230116 contiene una vulnerabilidad de ejecución de comandos a través de la función sub_ The 416F60. • https://github.com/XYIYM/Digging/blob/main/TOTOLINK/X6000R/10/1.md • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 10.0EPSS: 1%CPEs: 2EXPL: 1CVE-2023-46411
https://notcve.org/view.php?id=CVE-2023-46411
25 Oct 2023 — TOTOLINK X6000R v9.4.0cu.652_B20230116 was discovered to contain a command execution vulnerability via the sub_415258 function. Se descubrió que TOTOLINK X6000R v9.4.0cu.652_B20230116 contiene una vulnerabilidad de ejecución de comandos a través de la función sub_415258. • https://github.com/XYIYM/Digging/blob/main/TOTOLINK/X6000R/11/1.md • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 10.0EPSS: 1%CPEs: 2EXPL: 1CVE-2023-46412
https://notcve.org/view.php?id=CVE-2023-46412
25 Oct 2023 — TOTOLINK X6000R v9.4.0cu.652_B20230116 was discovered to contain a command execution vulnerability via the sub_41D998 function. Se descubrió que TOTOLINK X6000R v9.4.0cu.652_B20230116 contiene una vulnerabilidad de ejecución de comandos a través de la función sub_41D998. • https://github.com/XYIYM/Digging/blob/main/TOTOLINK/X6000R/15/1.md • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 10.0EPSS: 1%CPEs: 2EXPL: 1CVE-2023-46413
https://notcve.org/view.php?id=CVE-2023-46413
25 Oct 2023 — TOTOLINK X6000R v9.4.0cu.652_B20230116 was discovered to contain a command execution vulnerability via the sub_4155DC function. Se descubrió que TOTOLINK X6000R v9.4.0cu.652_B20230116 contiene una vulnerabilidad de ejecución de comandos a través de la función sub_4155DC. • https://github.com/XYIYM/Digging/blob/main/TOTOLINK/X6000R/1/1.md • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 1CVE-2023-46414
https://notcve.org/view.php?id=CVE-2023-46414
25 Oct 2023 — TOTOLINK X6000R v9.4.0cu.652_B20230116 was discovered to contain a remote command execution (RCE) vulnerability via the sub_ 41D494 function. Se descubrió que TOTOLINK X6000R v9.4.0cu.652_B20230116 contiene una vulnerabilidad de ejecución remota de comandos (RCE) a través de la función sub_41D494. • https://github.com/XYIYM/Digging/blob/main/TOTOLINK/X6000R/14/1.md • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •