DaDong-G

5 exploits Active since Jul 2023
CVE-2023-37144 WRITEUP CRITICAL WRITEUP
Tendacn Ac10 Firmware - Command Injection
Tenda AC10 v15.03.06.26 was discovered to contain a command injection vulnerability via the mac parameter in the function formWriteFacMac.
CVSS 9.8
CVE-2023-37145 WRITEUP CRITICAL WRITEUP
TOTOLINK LR350 V9.3.5u.6369_B20220309 - OS Command Injection via Hostname Parameter
TOTOLINK LR350 V9.3.5u.6369_B20220309 was discovered to contain a command injection vulnerability via the hostname parameter in the setOpModeCfg function.
CVSS 9.8
CVE-2023-37146 WRITEUP CRITICAL WORKING POC
TOTOLINK LR350 V9.3.5u.6369_B20220309 - OS Command Injection via UploadFirmwareFile FileName Parameter
TOTOLINK LR350 V9.3.5u.6369_B20220309 was discovered to contain a command injection vulnerability via the FileName parameter in the UploadFirmwareFile function.
CVSS 9.8
CVE-2023-37148 WRITEUP CRITICAL WRITEUP
TOTOLINK LR350 V9.3.5u.6369_B20220309 - OS Command Injection via setUssd ussd Parameter
TOTOLINK LR350 V9.3.5u.6369_B20220309 was discovered to contain a command injection vulnerability via the ussd parameter in the setUssd function.
CVSS 9.8
CVE-2023-37149 WRITEUP CRITICAL WRITEUP
TOTOLINK LR350 V9.3.5u.6369_B20220309 - OS Command Injection via FileName Parameter
TOTOLINK LR350 V9.3.5u.6369_B20220309 was discovered to contain a command injection vulnerability via the FileName parameter in the setUploadSetting function.
CVSS 9.8