cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2023-29798,https://securityvulnerability.io/vulnerability/CVE-2023-29798,Command Injection Vulnerability in TOTOLINK X18 Router,"The TOTOLINK X18 router has a command injection flaw that can be exploited through the command parameter in the setTracerouteCfg function. An attacker could use this vulnerability to execute arbitrary commands on the device, potentially leading to unauthorized access or manipulation of the router's settings. This makes it critical for users to ensure their devices are secured against such vulnerabilities.",Totolink,X18 Firmware,9.8,CRITICAL,0.2264299988746643,false,,false,false,false,,,false,false,,2023-04-14T00:00:00.000Z,0
CVE-2023-29799,https://securityvulnerability.io/vulnerability/CVE-2023-29799,Command Injection Vulnerability in TOTOLINK X18,"The TOTOLINK X18 device is affected by a command injection vulnerability that can be exploited through the hostname parameter in the setOpModeCfg function. This weakness could allow an attacker to execute arbitrary commands on the system, potentially leading to unauthorized access or manipulation of device settings. Users are advised to apply security updates to mitigate the risk associated with this vulnerability.",Totolink,X18 Firmware,9.8,CRITICAL,0.2264299988746643,false,,false,false,false,,,false,false,,2023-04-14T00:00:00.000Z,0
CVE-2023-29800,https://securityvulnerability.io/vulnerability/CVE-2023-29800,Command Injection Vulnerability in TOTOLINK Router,"The TOTOLINK X18 firmware version V9.1.0cu.2024_B20220329 has a command injection flaw that allows attackers to exploit the UploadFirmwareFile function through the FileName parameter. This vulnerability can enable unauthorized command execution, posing significant security risks to affected devices.",Totolink,X18 Firmware,9.8,CRITICAL,0.2264299988746643,false,,false,false,false,,,false,false,,2023-04-14T00:00:00.000Z,0
CVE-2023-29801,https://securityvulnerability.io/vulnerability/CVE-2023-29801,Command Injection Vulnerability in TOTOLINK Routers by TOTOLINK,"The TOTOLINK X18 router version V9.1.0cu.2024_B20220329 is susceptible to multiple command injection vulnerabilities. These weaknesses arise from improper validation of user input in the setSyslogCfg function, specifically through parameters rtLogEnabled and rtLogServer. An attacker may exploit these vulnerabilities to execute arbitrary commands on the affected device, potentially compromising its functionality and security.",Totolink,X18 Firmware,9.8,CRITICAL,0.2264299988746643,false,,false,false,false,,,false,false,,2023-04-14T00:00:00.000Z,0
CVE-2023-29802,https://securityvulnerability.io/vulnerability/CVE-2023-29802,Command Injection Vulnerability in TOTOLINK Router,"The TOTOLINK X18 router has a command injection vulnerability that stems from improper handling of the 'ip' parameter in the setDiagnosisCfg function. This can potentially allow attackers to execute arbitrary commands on the affected device, compromising network security and user data.",Totolink,X18 Firmware,9.8,CRITICAL,0.2264299988746643,false,,false,false,false,,,false,false,,2023-04-14T00:00:00.000Z,0
CVE-2023-29803,https://securityvulnerability.io/vulnerability/CVE-2023-29803,Command Injection Vulnerability in TOTOLINK X18 Product,"The TOTOLINK X18 model, specifically version 9.1.0cu.2024_B20220329, is exposed to a command injection vulnerability. This vulnerability occurs through improper handling of the 'pid' parameter within the 'disconnectVPN' function, which can allow an attacker to execute arbitrary commands on the system. Users are advised to update their firmware to prevent exploitation.",Totolink,X18 Firmware,9.8,CRITICAL,0.2264299988746643,false,,false,false,false,,,false,false,,2023-04-14T00:00:00.000Z,0