Totolink Ex1200L vulnerabilities

CVE-2024-7908 [HIGH] CWE-121 CVE-2024-7908: A vulnerability, which was classified as critical, was found in TOTOLINK EX1200L 9.3.5u.6146_B202010 A vulnerability, which was classified as critical, was found in TOTOLINK EX1200L 9.3.5u.6146_B20201023. Affected is the function setDefResponse of the file /www/cgi-bin/cstecgi.cgi. The manipulation of the argument IpAddress leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public a

CVE-2024-7909 [HIGH] CWE-121 CVE-2024-7909: A vulnerability has been found in TOTOLINK EX1200L 9.3.5u.6146_B20201023 and classified as critical. A vulnerability has been found in TOTOLINK EX1200L 9.3.5u.6146_B20201023 and classified as critical. Affected by this vulnerability is the function setLanguageCfg of the file /www/cgi-bin/cstecgi.cgi. The manipulation of the argument langType leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the

CVE-2024-7334 [HIGH] CWE-120 CVE-2024-7334: A vulnerability was found in TOTOLINK EX1200L 9.3.5u.6146_B20201023. It has been rated as critical. A vulnerability was found in TOTOLINK EX1200L 9.3.5u.6146_B20201023. It has been rated as critical. This issue affects the function UploadCustomModule of the file /cgi-bin/cstecgi.cgi. The manipulation leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-273257 wa

CVE-2024-7337 [HIGH] CWE-120 CVE-2024-7337: A vulnerability, which was classified as critical, has been found in TOTOLINK EX1200L 9.3.5u.6146_B2 A vulnerability, which was classified as critical, has been found in TOTOLINK EX1200L 9.3.5u.6146_B20201023. Affected by this issue is the function loginauth of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument http_host leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be u

CVE-2024-7338 [HIGH] CWE-120 CVE-2024-7338: A vulnerability, which was classified as critical, was found in TOTOLINK EX1200L 9.3.5u.6146_B202010 A vulnerability, which was classified as critical, was found in TOTOLINK EX1200L 9.3.5u.6146_B20201023. This affects the function setParentalRules of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument week/sTime/eTime leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and m

CVE-2023-4412 [MEDIUM] CWE-78 CVE-2023-4412: A vulnerability was found in TOTOLINK EX1200L EN_V9.3.5u.6146_B20201023 and classified as critical. A vulnerability was found in TOTOLINK EX1200L EN_V9.3.5u.6146_B20201023 and classified as critical. This issue affects the function setWanCfg. The manipulation leads to os command injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-237515. N

CVE-2023-4411 [MEDIUM] CWE-78 CVE-2023-4411: A vulnerability has been found in TOTOLINK EX1200L EN_V9.3.5u.6146_B20201023 and classified as criti A vulnerability has been found in TOTOLINK EX1200L EN_V9.3.5u.6146_B20201023 and classified as critical. This vulnerability affects the function setTracerouteCfg. The manipulation leads to os command injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-237514 is the identifier assigned to th

CVE-2023-4410 [MEDIUM] CWE-78 CVE-2023-4410: A vulnerability, which was classified as critical, was found in TOTOLINK EX1200L EN_V9.3.5u.6146_B20 A vulnerability, which was classified as critical, was found in TOTOLINK EX1200L EN_V9.3.5u.6146_B20201023. This affects the function setDiagnosisCfg. The manipulation leads to os command injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-237513 was assigned to thi