cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2023-36340,https://securityvulnerability.io/vulnerability/CVE-2023-36340,Stack Overflow Vulnerability in TOTOLINK NR1800X Router,"TOTOLINK NR1800X V9.1.0u.6279_B20210910 is susceptible to a stack overflow condition caused by insufficient input validation in the http_host parameter during the login authentication process. This weakness may allow a remote attacker to execute arbitrary code, potentially compromising the device and the network it is connected to.",Totolink,Nr1800x Firmware,9.8,CRITICAL,0.0013599999947473407,false,,false,false,false,,,false,false,,2023-10-16T05:15:00.000Z,0
CVE-2022-44256,https://securityvulnerability.io/vulnerability/CVE-2022-44256,Buffer Overflow Vulnerability in TOTOLINK Router,"The vulnerability in the TOTOLINK LR350 router arises from a post-authentication buffer overflow triggered by the 'lang' parameter within the setLanguageCfg function. This flaw can potentially lead to unauthorized access or remote code execution, thereby compromising the device's security and integrity.",Totolink,Nr1800x Firmware,8.8,HIGH,0.0007999999797903001,false,,false,false,false,,,false,false,,2022-11-23T00:00:00.000Z,0
CVE-2022-41520,https://securityvulnerability.io/vulnerability/CVE-2022-41520,Stack Overflow Vulnerability in TOTOLINK NR1800X by TOTOLINK,"The TOTOLINK NR1800X includes a vulnerability that allows authenticated users to exploit a stack overflow through the File parameter in the UploadCustomModule function. This flaw can lead to potential unauthorized access or execution of arbitrary code, raising concerns about the security of the affected device.",Totolink,Nr1800x Firmware,8.8,HIGH,0.0007999999797903001,false,,false,false,false,,,false,false,,2022-10-06T00:00:00.000Z,0
CVE-2022-41521,https://securityvulnerability.io/vulnerability/CVE-2022-41521,Authenticated Stack Overflow in TOTOLINK NR1800X,"The TOTOLINK NR1800X model has been found vulnerable to an authenticated stack overflow, triggered through improper handling of the sPort and ePort parameters in the setIpPortFilterRules function. This flaw allows potentially malicious actors with authenticated access to exploit the vulnerability, potentially leading to unauthorized access or control over the affected device. Ensuring that devices are updated to the latest firmware and implementing security best practices is crucial to mitigate risks associated with this vulnerability.",Totolink,Nr1800x Firmware,8.8,HIGH,0.0007999999797903001,false,,false,false,false,,,false,false,,2022-10-06T00:00:00.000Z,0
CVE-2022-41522,https://securityvulnerability.io/vulnerability/CVE-2022-41522,Stack Overflow Vulnerability in TOTOLINK NR1800X Router,"An unauthenticated stack overflow vulnerability has been identified in the TOTOLINK NR1800X router, where the 'main' function allows attackers to execute arbitrary code without authentication. This flaw can potentially lead to remote code execution, compromising the integrity and security of the device.",Totolink,Nr1800x Firmware,9.8,CRITICAL,0.001970000099390745,false,,false,false,false,,,false,false,,2022-10-06T00:00:00.000Z,0
CVE-2022-41523,https://securityvulnerability.io/vulnerability/CVE-2022-41523,Authenticated Stack Overflow in TOTOLINK NR1800X Router,"The TOTOLINK NR1800X router contains a vulnerability that allows for an authenticated stack overflow through the command parameter in the setTracerouteCfg function. Attackers with authenticated access could exploit this vulnerability to execute arbitrary code or disrupt the normal operation of the device, potentially compromising network security.",Totolink,Nr1800x Firmware,8.8,HIGH,0.0007999999797903001,false,,false,false,false,,,false,false,,2022-10-06T00:00:00.000Z,0
CVE-2022-41517,https://securityvulnerability.io/vulnerability/CVE-2022-41517,Stack Overflow Vulnerability in TOTOLINK NR1800X Router,"The TOTOLINK NR1800X router has a vulnerability in the setLanguageCfg function related to the lang parameter, allowing for a potential stack overflow. This flaw could be exploited to execute arbitrary code or cause denial of service, posing a risk to the device's integrity and security. Users are advised to review and update their router firmware to mitigate potential threats associated with this vulnerability.",Totolink,Nr1800x Firmware,8.8,HIGH,0.0007999999797903001,false,,false,false,false,,,false,false,,2022-10-06T00:00:00.000Z,0
CVE-2022-41525,https://securityvulnerability.io/vulnerability/CVE-2022-41525,Command Injection Vulnerability in TOTOLINK NR1800X Router,A command injection vulnerability exists in the TOTOLINK NR1800X router that enables attackers to execute arbitrary commands through the OpModeCfg function located at /cgi-bin/cstecgi.cgi. This flaw can compromise the security of the device and potentially lead to unauthorized access or control over the network.,Totolink,Nr1800x Firmware,9.8,CRITICAL,0.03627999871969223,false,,false,false,false,,,false,false,,2022-10-06T00:00:00.000Z,0
CVE-2022-41526,https://securityvulnerability.io/vulnerability/CVE-2022-41526,Authenticated Stack Overflow in TOTOLINK NR1800X by TOTOLINK,The TOTOLINK NR1800X router is vulnerable to an authenticated stack overflow due to improper handling of the 'ip' parameter in the setDiagnosisCfg function. This could potentially allow attackers to execute arbitrary code or disrupt device functionality if they gain access to the administrative interface.,Totolink,Nr1800x Firmware,8.8,HIGH,0.0007999999797903001,false,,false,false,false,,,false,false,,2022-10-06T00:00:00.000Z,0
CVE-2022-41527,https://securityvulnerability.io/vulnerability/CVE-2022-41527,Authenticated Stack Overflow Vulnerability in TOTOLINK NR1800X Router,"The TOTOLINK NR1800X router version V9.1.0u.6279_B20210910 is susceptible to an authenticated stack overflow vulnerability. This occurs through the pppoeUser parameter within the setOpModeCfg function, allowing potential exploitation by malicious users to execute arbitrary code, which may lead to unauthorized access and compromise of the router's functionalities.",Totolink,Nr1800x Firmware,8.8,HIGH,0.0007999999797903001,false,,false,false,false,,,false,false,,2022-10-06T00:00:00.000Z,0
CVE-2022-41528,https://securityvulnerability.io/vulnerability/CVE-2022-41528,Authenticated Stack Overflow in TOTOLINK NR1800X Router,"The TOTOLINK NR1800X router has been identified to have a severe vulnerability originating from an authenticated stack overflow in the setSmsCfg function. This occurs when the text parameter is improperly handled, potentially allowing an attacker to exploit the flaw once they have valid access credentials. Such vulnerabilities can lead to denial of service or arbitrary code execution, posing a significant risk to network integrity.",Totolink,Nr1800x Firmware,8.8,HIGH,0.0007999999797903001,false,,false,false,false,,,false,false,,2022-10-06T00:00:00.000Z,0
CVE-2022-41524,https://securityvulnerability.io/vulnerability/CVE-2022-41524,Authenticated Stack Overflow in TOTOLINK NR1800X Router,"The TOTOLINK NR1800X router, specifically version V9.1.0u.6279_B20210910, contains a vulnerability that allows authenticated users to exploit a stack overflow condition via the week, sTime, and eTime parameters within the setParentalRules function. This could enable potential attackers to execute arbitrary code, leading to further compromise of the device.",Totolink,Nr1800x Firmware,8.8,HIGH,0.0007999999797903001,false,,false,false,false,,,false,false,,2022-10-06T00:00:00.000Z,0
CVE-2022-41518,https://securityvulnerability.io/vulnerability/CVE-2022-41518,Command Injection Vulnerability in TOTOLINK NR1800X Router,"The TOTOLINK NR1800X V9.1.0u.6279_B20210910 router is susceptible to a command injection vulnerability found in the UploadFirmwareFile function located in /cgi-bin/cstecgi.cgi. This flaw can be exploited by an attacker to execute arbitrary commands on the device, potentially leading to unauthorized access and manipulation of the system.",Totolink,Nr1800x Firmware,9.8,CRITICAL,0.03627999871969223,false,,false,false,false,,,false,false,,2022-10-06T00:00:00.000Z,0