CVE-2022-48126
TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the username parameter in the setting/setOpenVpnCertGenerationCfg function.
Source: CVE-2022-48126
[월:] 2023년 01월
CVE-2022-48124
CVE-2022-48124
TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the FileName parameter in the setting/setOpenVpnCertGenerationCfg function.
Source: CVE-2022-48124
CVE-2022-48125
CVE-2022-48125
TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the password parameter in the setting/setOpenVpnCertGenerationCfg function.
Source: CVE-2022-48125
CVE-2022-48122
CVE-2022-48122
TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the dayvalid parameter in the setting/delStaticDhcpRules function.
Source: CVE-2022-48122
CVE-2022-43959
CVE-2022-43959
Insufficiently Protected Credentials in the AD/LDAP server settings in 1C-Bitrix Bitrix24 through 22.200.200 allow remote administrators to discover an AD/LDAP administrative password by reading the source code of /bitrix/admin/ldap_server_edit.php.
Source: CVE-2022-43959
CVE-2022-48123
CVE-2022-48123
TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the servername parameter in the setting/delStaticDhcpRules function.
Source: CVE-2022-48123
CVE-2022-48121
CVE-2022-48121
TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the rsabits parameter in the setting/delStaticDhcpRules function.
Source: CVE-2022-48121
CVE-2022-41441
CVE-2022-41441
Multiple cross-site scripting (XSS) vulnerabilities in ReQlogic v11.3 allow attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the POBatch and WaitDuration parameters.
Source: CVE-2022-41441
CVE-2021-37499
CVE-2021-37499
CRLF vulnerability in Reprise License Manager (RLM) web interface through 14.2BL4 in the password parameter in View License Result function, that allows remote attackers to inject arbitrary HTTP headers.
Source: CVE-2021-37499
CVE-2021-37500
CVE-2021-37500
Directory traversal vulnerability in Reprise License Manager (RLM) web interface before 14.2BL4 in the diagnostics function that allows RLM users with sufficient privileges to overwrite any file the on the server.
Source: CVE-2021-37500