» 2022 » 2월

CVE-2022-25078

Posted on 2022년 2월 25일2022년 2월 25일 by admin

CVE-2022-25078

TOTOLink A3600R V4.1.2cu.5182_B20201102 was discovered to contain a command injection vulnerability in the "Main" function. This vulnerability allows attackers to execute arbitrary commands via the QUERY_STRING parameter.

Source: CVE-2022-25078

CVE-2022-25081

Posted on 2022년 2월 25일2022년 2월 25일 by admin

CVE-2022-25081

TOTOLink T10 V5.9c.5061_B20200511 was discovered to contain a command injection vulnerability in the "Main" function. This vulnerability allows attackers to execute arbitrary commands via the QUERY_STRING parameter.

Source: CVE-2022-25081

CVE-2022-25080

Posted on 2022년 2월 25일2022년 2월 25일 by admin

CVE-2022-25080

TOTOLink A830R V5.9c.4729_B20191112 was discovered to contain a command injection vulnerability in the "Main" function. This vulnerability allows attackers to execute arbitrary commands via the QUERY_STRING parameter.

Source: CVE-2022-25080

CVE-2022-25084

Posted on 2022년 2월 25일2022년 2월 25일 by admin

CVE-2022-25084

TOTOLink T6 V5.9c.4085_B20190428 was discovered to contain a command injection vulnerability in the "Main" function. This vulnerability allows attackers to execute arbitrary commands via the QUERY_STRING parameter.

Source: CVE-2022-25084

CVE-2022-25083

Posted on 2022년 2월 25일2022년 2월 25일 by admin

CVE-2022-25083

TOTOLink A860R V4.1.2cu.5182_B20201027 was discovered to contain a command injection vulnerability in the "Main" function. This vulnerability allows attackers to execute arbitrary commands via the QUERY_STRING parameter.

Source: CVE-2022-25083

CVE-2022-25104

Posted on 2022년 2월 25일2022년 2월 25일 by admin

CVE-2022-25104

HorizontCMS v1.0.0-beta.2 was discovered to contain an arbitrary file download vulnerability via the component /admin/file-manager/.

Source: CVE-2022-25104

CVE-2022-25101

Posted on 2022년 2월 25일2022년 2월 25일 by admin

CVE-2022-25101

A vulnerability in the component /templates/install.php of WBCE CMS v1.5.2 allows attackers to execute arbitrary code via a crafted PHP file.

Source: CVE-2022-25101

CVE-2022-25074

Posted on 2022년 2월 25일2022년 2월 25일 by admin

CVE-2022-25074

TP-Link TL-WR902AC(US)_V3_191209 routers were discovered to contain a stack overflow in the function DM_ Fillobjbystr(). This vulnerability allows unauthenticated attackers to execute arbitrary code.

Source: CVE-2022-25074

CVE-2022-25099

Posted on 2022년 2월 25일2022년 2월 25일 by admin

CVE-2022-25099

A vulnerability in the component /languages/index.php of WBCE CMS v1.5.2 allows attackers to execute arbitrary code via a crafted PHP file.

Source: CVE-2022-25099

CVE-2022-25082

Posted on 2022년 2월 25일2022년 2월 25일 by admin

CVE-2022-25082

TOTOLink A950RG V5.9c.4050_B20190424 and V4.1.2cu.5204_B20210112 were discovered to contain a command injection vulnerability in the "Main" function. This vulnerability allows attackers to execute arbitrary commands via the QUERY_STRING parameter.

Source: CVE-2022-25082