Vulnerabilities > Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

DATE CVE VULNERABILITY TITLE RISK
2024-08-13 CVE-2024-42738 OS Command Injection vulnerability in Totolink X5000R Firmware 9.1.0U.6369B20230113
In TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command injection vulnerability in setDmzCfg.
network
low complexity
totolink CWE-78
8.8
8.8
2024-08-13 CVE-2024-42739 OS Command Injection vulnerability in Totolink X5000R Firmware 9.1.0U.6369B20230113
In TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command injection vulnerability in setAccessDeviceCfg.
network
low complexity
totolink CWE-78
8.8
8.8
2024-08-12 CVE-2024-42741 OS Command Injection vulnerability in Totolink X5000R Firmware 9.1.0U.6369B20230113
In TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command injection vulnerability in setL2tpServerCfg.
network
low complexity
totolink CWE-78
8.8
8.8
2024-08-12 CVE-2024-42742 OS Command Injection vulnerability in Totolink X5000R Firmware 9.1.0U.6369B20230113
In TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command injection vulnerability in setUrlFilterRules.
network
low complexity
totolink CWE-78
8.8
8.8
2024-08-12 CVE-2024-42743 OS Command Injection vulnerability in Totolink X5000R Firmware 9.1.0U.6369B20230113
In TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command injection vulnerability in setSyslogCfg .
network
low complexity
totolink CWE-78
8.8
8.8
2024-08-12 CVE-2024-42744 OS Command Injection vulnerability in Totolink X5000R Firmware 9.1.0U.6369B20230113
In TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command injection vulnerability in setModifyVpnUser.
network
low complexity
totolink CWE-78
8.8
8.8
2024-08-12 CVE-2024-42745 OS Command Injection vulnerability in Totolink X5000R Firmware 9.1.0U.6369B20230113
In TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command injection vulnerability in setUPnPCfg.
network
low complexity
totolink CWE-78
8.8
8.8
2024-08-12 CVE-2024-42747 OS Command Injection vulnerability in Totolink X5000R Firmware 9.1.0U.6369B20230113
In TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command injection vulnerability in setWanIeCfg.
network
low complexity
totolink CWE-78
8.8
8.8
2024-08-12 CVE-2024-42748 OS Command Injection vulnerability in Totolink X5000R Firmware 9.1.0U.6369B20230113
In TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command injection vulnerability in setWiFiWpsCfg.
network
low complexity
totolink CWE-78
8.8
8.8
2024-08-12 CVE-2024-39091 OS Command Injection vulnerability in Annke Crater 2 Firmware 5.4.1.221222153318
An OS command injection vulnerability in the ccm_debug component of MIPC Camera firmware prior to v5.4.1.240424171021 allows attackers within the same network to execute arbitrary code via a crafted HTML request.
low complexity
annke CWE-78
8.8
8.8