whiter6666

16 exploits Active since Aug 2022
CVE-2022-36610 WRITEUP HIGH WRITEUP
Totolink A720r Firmware - Hard-coded Credentials
TOTOLINK A720R V4.1.5cu.532_B20210610 was discovered to contain a hardcoded password for root at /etc/shadow.sample.
CVSS 7.8
CVE-2022-36611 WRITEUP HIGH WRITEUP
Totolink A800r Firmware - Hard-coded Credentials
TOTOLINK A800R V4.1.2cu.5137_B20200730 was discovered to contain a hardcoded password for root at /etc/shadow.sample.
CVSS 7.8
CVE-2022-36612 WRITEUP HIGH WRITEUP
Totolink A950rg Firmware - Hard-coded Credentials
TOTOLINK A950RG V4.1.2cu.5204_B20210112 was discovered to contain a hardcoded password for root at /etc/shadow.sample.
CVSS 7.8
CVE-2022-36613 WRITEUP HIGH WRITEUP
Totolink N600r Firmware - Hard-coded Credentials
TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a hardcoded password for root at /etc/shadow.sample.
CVSS 7.8
CVE-2022-36614 WRITEUP HIGH WRITEUP
Totolink A860r Firmware - Hard-coded Credentials
TOTOLINK A860R V4.1.2cu.5182_B20201027 was discovered to contain a hardcoded password for root at /etc/shadow.sample.
CVSS 7.8
CVE-2022-36615 WRITEUP HIGH WRITEUP
Totolink A3000ru Firmware - Hard-coded Credentials
TOTOLINK A3000RU V4.1.2cu.5185_B20201128 was discovered to contain a hardcoded password for root at /etc/shadow.sample.
CVSS 7.8
CVE-2022-36616 WRITEUP HIGH WRITEUP
Totolink A810r Firmware - Hard-coded Credentials
TOTOLINK A810R V4.1.2cu.5182_B20201026 and V5.9c.4050_B20190424 was discovered to contain a hardcoded password for root at /etc/shadow.sample.
CVSS 7.8
CVE-2022-38510 WRITEUP HIGH WRITEUP
Tenda_TX9pro V22.03.02.10 - Buffer Overflow
Tenda_TX9pro V22.03.02.10 was discovered to contain a buffer overflow via the component httpd/SetNetControlList.
CVSS 7.8
CVE-2022-38511 WRITEUP HIGH WRITEUP
TOTOLINK A810R V5.9c.4050_B20190424 - Command Injection
TOTOLINK A810R V5.9c.4050_B20190424 was discovered to contain a command injection vulnerability via the component downloadFile.cgi.
CVSS 7.8
CVE-2022-38823 WRITEUP CRITICAL WRITEUP
TOTOLINK T6 V4.1.5cu.709_B20210518 - Info Disclosure
In TOTOLINK T6 V4.1.5cu.709_B20210518, there is a hard coded password for root in /etc/shadow.sample.
CVSS 9.8
CVE-2022-38826 WRITEUP CRITICAL WORKING POC
TOTOLINK T6 V4.1.5cu.709_B20210518 - Command Injection
In TOTOLINK T6 V4.1.5cu.709_B20210518, there is an execute arbitrary command in cstecgi.cgi.
CVSS 9.8
CVE-2022-38827 WRITEUP CRITICAL WORKING POC
TOTOLINK T6 V4.1.5cu.709_B20210518 - Buffer Overflow
TOTOLINK T6 V4.1.5cu.709_B20210518 is vulnerable to Buffer Overflow via cstecgi.cgi
CVSS 9.8
CVE-2022-38828 WRITEUP CRITICAL WORKING POC
TOTOLINK T6 V4.1.5cu.709_B20210518 - Command Injection
TOTOLINK T6 V4.1.5cu.709_B20210518 is vulnerable to command injection via cstecgi.cgi
CVSS 9.8
CVE-2022-38829 WRITEUP CRITICAL WRITEUP
Tenda RX9_Pro V22.03.02.10 - Buffer Overflow
Tenda RX9_Pro V22.03.02.10 is vulnerable to Buffer Overflow via httpd/setMacFilterCfg.
CVSS 9.8
CVE-2022-38830 WRITEUP CRITICAL WORKING POC
Tenda RX9_Pro V22.03.02.10 - Buffer Overflow
Tenda RX9_Pro V22.03.02.10 is vulnerable to Buffer Overflow via httpd/setIPv6Status.
CVSS 9.8
CVE-2022-38831 WRITEUP CRITICAL WORKING POC
Tenda RX9_Pro V22.03.02.10 - Buffer Overflow
Tenda RX9_Pro V22.03.02.10 is vulnerable to Buffer Overflow via httpd/SetNetControlList
CVSS 9.8