Filtered by vendor Totolink
Subscribe
Total
1071 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-36610 | 1 Totolink | 2 A720r, A720r Firmware | 2024-11-21 | N/A | 7.8 HIGH |
|
TOTOLINK A720R V4.1.5cu.532_B20210610 was discovered to contain a hardcoded password for root at /etc/shadow.sample.
|
|||||
| CVE-2022-36488 | 1 Totolink | 2 N350rt, N350rt Firmware | 2024-11-21 | N/A | 7.8 HIGH |
|
TOTOLINK N350RT V9.3.5u.6139_B20201216 was discovered to contain a stack overflow via the sPort parameter in the function setIpPortFilterRules.
|
|||||
| CVE-2022-36487 | 1 Totolink | 2 N350rt, N350rt Firmware | 2024-11-21 | N/A | 7.8 HIGH |
|
TOTOLINK N350RT V9.3.5u.6139_B20201216 was discovered to contain a command injection vulnerability via the command parameter in the function setTracerouteCfg.
|
|||||
| CVE-2022-36486 | 1 Totolink | 2 N350rt, N350rt Firmware | 2024-11-21 | N/A | 7.8 HIGH |
|
TOTOLINK N350RT V9.3.5u.6139_B20201216 was discovered to contain a command injection vulnerability via the FileName parameter in the function UploadFirmwareFile.
|
|||||
| CVE-2022-36485 | 1 Totolink | 2 N350rt, N350rt Firmware | 2024-11-21 | N/A | 7.8 HIGH |
|
TOTOLINK N350RT V9.3.5u.6139_B20201216 was discovered to contain a command injection vulnerability via the hostName parameter in the function setOpModeCfg.
|
|||||
| CVE-2022-36484 | 1 Totolink | 2 N350rt, N350rt Firmware | 2024-11-21 | N/A | 7.8 HIGH |
|
TOTOLINK N350RT V9.3.5u.6139_B20201216 was discovered to contain a stack overflow via the function setDiagnosisCfg.
|
|||||
| CVE-2022-36483 | 1 Totolink | 2 N350rt, N350rt Firmware | 2024-11-21 | N/A | 7.8 HIGH |
|
TOTOLINK N350RT V9.3.5u.6139_B20201216 was discovered to contain a stack overflow via the pppoeUser parameter.
|
|||||
| CVE-2022-36482 | 1 Totolink | 2 N350rt, N350rt Firmware | 2024-11-21 | N/A | 7.8 HIGH |
|
TOTOLINK N350RT V9.3.5u.6139_B20201216 was discovered to contain a command injection vulnerability via the lang parameter in the function setLanguageCfg.
|
|||||
| CVE-2022-36481 | 1 Totolink | 2 N350rt, N350rt Firmware | 2024-11-21 | N/A | 7.8 HIGH |
|
TOTOLINK N350RT V9.3.5u.6139_B20201216 was discovered to contain a command injection vulnerability via the ip parameter in the function setDiagnosisCfg.
|
|||||
| CVE-2022-36480 | 1 Totolink | 2 N350rt, N350rt Firmware | 2024-11-21 | N/A | 7.8 HIGH |
|
TOTOLINK N350RT V9.3.5u.6139_B20201216 was discovered to contain a stack overflow via the command parameter in the function setTracerouteCfg.
|
|||||
| CVE-2022-36479 | 1 Totolink | 2 N350rt, N350rt Firmware | 2024-11-21 | N/A | 7.8 HIGH |
|
TOTOLINK N350RT V9.3.5u.6139_B20201216 was discovered to contain a command injection vulnerability via the host_time parameter in the function NTPSyncWithHost.
|
|||||
| CVE-2022-36466 | 1 Totolink | 2 A3700r, A3700r Firmware | 2024-11-21 | N/A | 7.8 HIGH |
|
TOTOLINK A3700R V9.1.2u.6134_B20201202 was discovered to contain a stack overflow via the ip parameter in the function setDiagnosisCfg.
|
|||||
| CVE-2022-36465 | 1 Totolink | 2 A3700r, A3700r Firmware | 2024-11-21 | N/A | 7.8 HIGH |
|
TOTOLINK A3700R V9.1.2u.6134_B20201202 was discovered to contain a stack overflow via the pppoeUser parameter.
|
|||||
| CVE-2022-36464 | 1 Totolink | 2 A3700r, A3700r Firmware | 2024-11-21 | N/A | 7.8 HIGH |
|
TOTOLINK A3700R V9.1.2u.6134_B20201202 was discovered to contain a stack overflow via the sPort parameter in the function setIpPortFilterRules.
|
|||||
| CVE-2022-36463 | 1 Totolink | 2 A3700r, A3700r Firmware | 2024-11-21 | N/A | 7.8 HIGH |
|
TOTOLINK A3700R V9.1.2u.6134_B20201202 was discovered to contain a stack overflow via the command parameter in the function setTracerouteCfg.
|
|||||
| CVE-2022-36462 | 1 Totolink | 2 A3700r, A3700r Firmware | 2024-11-21 | N/A | 7.8 HIGH |
|
TOTOLINK A3700R V9.1.2u.6134_B20201202 was discovered to contain a stack overflow via the lang parameter in the function setLanguageCfg.
|
|||||
| CVE-2022-36461 | 1 Totolink | 2 A3700r, A3700r Firmware | 2024-11-21 | N/A | 7.8 HIGH |
|
TOTOLINK A3700R V9.1.2u.6134_B20201202 was discovered to contain a command injection vulnerability via the hostName parameter in the function setOpModeCfg.
|
|||||
| CVE-2022-36460 | 1 Totolink | 2 A3700r, A3700r Firmware | 2024-11-21 | N/A | 7.8 HIGH |
|
TOTOLINK A3700R V9.1.2u.6134_B20201202 was discovered to contain a command injection vulnerability via the FileName parameter in the function UploadFirmwareFile.
|
|||||
| CVE-2022-36459 | 1 Totolink | 2 A3700r, A3700r Firmware | 2024-11-21 | N/A | 7.8 HIGH |
|
TOTOLINK A3700R V9.1.2u.6134_B20201202 was discovered to contain a command injection vulnerability via the host_time parameter in the function NTPSyncWithHost.
|
|||||
| CVE-2022-36458 | 1 Totolink | 2 A3700r, A3700r Firmware | 2024-11-21 | N/A | 7.8 HIGH |
|
TOTOLINK A3700R V9.1.2u.6134_B20201202 was discovered to contain a command injection vulnerability via the command parameter in the function setTracerouteCfg.
|
|||||
| CVE-2022-36456 | 1 Totolink | 2 A720r, A720r Firmware | 2024-11-21 | N/A | 7.8 HIGH |
|
TOTOLink A720R V4.1.5cu.532_B20210610 was discovered to contain a command injection vulnerability via the username parameter in /cstecgi.cgi.
|
|||||
| CVE-2022-36455 | 1 Totolink | 2 A3600r, A3600r Firmware | 2024-11-21 | N/A | 7.8 HIGH |
|
TOTOLink A3600R V4.1.2cu.5182_B20201102 was discovered to contain a command injection vulnerability via the username parameter in /cstecgi.cgi.
|
|||||
| CVE-2022-35491 | 1 Totolink | 2 A3002ru, A3002ru Firmware | 2024-11-21 | N/A | 9.8 CRITICAL |
|
TOTOLINK A3002RU V3.0.0-B20220304.1804 has a hardcoded password for root in /etc/shadow.sample.
|
|||||
| CVE-2022-34993 | 1 Totolink | 2 A3600r, A3600r Firmware | 2024-11-21 | N/A | 9.8 CRITICAL |
|
Totolink A3600R_Firmware V4.1.2cu.5182_B20201102 contains a hard code password for root in /etc/shadow.sample.
|
|||||
| CVE-2022-32993 | 1 Totolink | 2 A7000r, A7000r Firmware | 2024-11-21 | N/A | 9.8 CRITICAL |
|
TOTOLINK A7000R V4.1cu.4134 was discovered to contain an access control issue via /cgi-bin/ExportSettings.sh.
|
|||||
| CVE-2022-32449 | 1 Totolink | 2 Ex300 V2, Ex300 V2 Firmware | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
|
TOTOLINK EX300_V2 V4.0.3c.7484 was discovered to contain a command injection vulnerability via the langType parameter in the setLanguageCfg function. This vulnerability is exploitable via a crafted MQTT data packet.
|
|||||
| CVE-2022-32053 | 1 Totolink | 2 T6, T6 Firmware | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
TOTOLINK T6 V4.1.9cu.5179_B20201015 was discovered to contain a stack overflow via the cloneMac parameter in the function FUN_0041621c.
|
|||||
| CVE-2022-32052 | 1 Totolink | 2 T6, T6 Firmware | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
TOTOLINK T6 V4.1.9cu.5179_B20201015 was discovered to contain a stack overflow via the desc parameter in the function FUN_004137a4.
|
|||||
| CVE-2022-32051 | 1 Totolink | 2 T6, T6 Firmware | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
TOTOLINK T6 V4.1.9cu.5179_B20201015 was discovered to contain a stack overflow via the desc, week, sTime, eTime parameters in the function FUN_004133c4.
|
|||||
| CVE-2022-32050 | 1 Totolink | 2 T6, T6 Firmware | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
TOTOLINK T6 V4.1.9cu.5179_B20201015 was discovered to contain a stack overflow via the cloneMac parameter in the function FUN_0041af40.
|
|||||
| CVE-2022-32049 | 1 Totolink | 2 T6, T6 Firmware | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
TOTOLINK T6 V4.1.9cu.5179_B20201015 was discovered to contain a stack overflow via the url parameter in the function FUN_00418540.
|
|||||
| CVE-2022-32048 | 1 Totolink | 2 T6, T6 Firmware | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
TOTOLINK T6 V4.1.9cu.5179_B20201015 was discovered to contain a stack overflow via the command parameter in the function FUN_0041cc88.
|
|||||
| CVE-2022-32047 | 1 Totolink | 2 T6, T6 Firmware | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
TOTOLINK T6 V4.1.9cu.5179_B20201015 was discovered to contain a stack overflow via the desc parameter in the function FUN_00412ef4.
|
|||||
| CVE-2022-32046 | 1 Totolink | 2 T6, T6 Firmware | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
TOTOLINK T6 V4.1.9cu.5179_B20201015 was discovered to contain a stack overflow via the desc parameter in the function FUN_0041880c.
|
|||||
| CVE-2022-32045 | 1 Totolink | 2 T6, T6 Firmware | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
TOTOLINK T6 V4.1.9cu.5179_B20201015 was discovered to contain a stack overflow via the desc parameter in the function FUN_00413be4.
|
|||||
| CVE-2022-32044 | 1 Totolink | 2 T6, T6 Firmware | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
TOTOLINK T6 V4.1.9cu.5179_B20201015 was discovered to contain a stack overflow via the password parameter in the function FUN_00413f80.
|
|||||
| CVE-2022-29646 | 1 Totolink | 2 A3100r, A3100r Firmware | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
|
An access control issue in TOTOLINK A3100R V4.1.2cu.5050_B20200504 and V4.1.2cu.5247_B20211129 allows attackers to obtain sensitive information via a crafted web request.
|
|||||
| CVE-2022-29645 | 1 Totolink | 2 A3100r, A3100r Firmware | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
|
TOTOLINK A3100R V4.1.2cu.5050_B20200504 and V4.1.2cu.5247_B20211129 were discovered to contain a hard coded password for root stored in the component /etc/shadow.sample.
|
|||||
| CVE-2022-29644 | 1 Totolink | 2 A3100r, A3100r Firmware | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
|
TOTOLINK A3100R V4.1.2cu.5050_B20200504 and V4.1.2cu.5247_B20211129 were discovered to contain a hard coded password for the telnet service stored in the component /web_cste/cgi-bin/product.ini.
|
|||||
| CVE-2022-29643 | 1 Totolink | 2 A3100r, A3100r Firmware | 2024-11-21 | 7.8 HIGH | 7.5 HIGH |
|
TOTOLINK A3100R V4.1.2cu.5050_B20200504 and V4.1.2cu.5247_B20211129 were discovered to contain a stack overflow via the macAddress parameter in the function setMacQos. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.
|
|||||