Filtered by vendor Totolink
Subscribe
Total
513 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2022-38534 | 1 Totolink | 2 A720r, A720r Firmware | 2023-12-10 | N/A | 7.2 HIGH |
TOTOLINK-720R v4.1.5cu.374 was discovered to contain a remote code execution (RCE) vulnerability via the setdiagnosicfg function. | |||||
CVE-2022-37083 | 1 Totolink | 2 A7000r, A7000r Firmware | 2023-12-10 | N/A | 7.8 HIGH |
TOTOLINK A7000R V9.1.0u.6115_B20201022 was discovered to contain a command injection vulnerability via the ip parameter at the function setDiagnosisCfg. | |||||
CVE-2022-32046 | 1 Totolink | 2 T6, T6 Firmware | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
TOTOLINK T6 V4.1.9cu.5179_B20201015 was discovered to contain a stack overflow via the desc parameter in the function FUN_0041880c. | |||||
CVE-2022-36479 | 1 Totolink | 2 N350rt, N350rt Firmware | 2023-12-10 | N/A | 7.8 HIGH |
TOTOLINK N350RT V9.3.5u.6139_B20201216 was discovered to contain a command injection vulnerability via the host_time parameter in the function NTPSyncWithHost. | |||||
CVE-2022-36481 | 1 Totolink | 2 N350rt, N350rt Firmware | 2023-12-10 | N/A | 7.8 HIGH |
TOTOLINK N350RT V9.3.5u.6139_B20201216 was discovered to contain a command injection vulnerability via the ip parameter in the function setDiagnosisCfg. | |||||
CVE-2022-36464 | 1 Totolink | 2 A3700r, A3700r Firmware | 2023-12-10 | N/A | 7.8 HIGH |
TOTOLINK A3700R V9.1.2u.6134_B20201202 was discovered to contain a stack overflow via the sPort parameter in the function setIpPortFilterRules. | |||||
CVE-2022-37841 | 1 Totolink | 2 A860r, A860r Firmware | 2023-12-10 | N/A | 7.5 HIGH |
In TOTOLINK A860R V4.1.2cu.5182_B20201027 there is a hard coded password for root in /etc/shadow.sample. | |||||
CVE-2022-37084 | 1 Totolink | 2 A7000r, A7000r Firmware | 2023-12-10 | N/A | 7.8 HIGH |
TOTOLINK A7000R V9.1.0u.6115_B20201022 was discovered to contain a stack overflow via the sPort parameter at the addEffect function. | |||||
CVE-2022-32044 | 1 Totolink | 2 T6, T6 Firmware | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
TOTOLINK T6 V4.1.9cu.5179_B20201015 was discovered to contain a stack overflow via the password parameter in the function FUN_00413f80. | |||||
CVE-2022-41524 | 1 Totolink | 2 Nr1800x, Nr1800x Firmware | 2023-12-10 | N/A | 8.8 HIGH |
TOTOLINK NR1800X V9.1.0u.6279_B20210910 was discovered to contain an authenticated stack overflow via the week, sTime, and eTime parameters in the setParentalRules function. | |||||
CVE-2022-37079 | 1 Totolink | 2 A7000r, A7000r Firmware | 2023-12-10 | N/A | 7.8 HIGH |
TOTOLINK A7000R V9.1.0u.6115_B20201022 was discovered to contain a command injection vulnerability via the hostName parameter in the function setOpModeCfg. | |||||
CVE-2022-41527 | 1 Totolink | 2 Nr1800x, Nr1800x Firmware | 2023-12-10 | N/A | 8.8 HIGH |
TOTOLINK NR1800X V9.1.0u.6279_B20210910 was discovered to contain an authenticated stack overflow via the pppoeUser parameter in the setOpModeCfg function. | |||||
CVE-2022-32045 | 1 Totolink | 2 T6, T6 Firmware | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
TOTOLINK T6 V4.1.9cu.5179_B20201015 was discovered to contain a stack overflow via the desc parameter in the function FUN_00413be4. | |||||
CVE-2022-36482 | 1 Totolink | 2 N350rt, N350rt Firmware | 2023-12-10 | N/A | 7.8 HIGH |
TOTOLINK N350RT V9.3.5u.6139_B20201216 was discovered to contain a command injection vulnerability via the lang parameter in the function setLanguageCfg. | |||||
CVE-2022-37843 | 1 Totolink | 2 A860r, A860r Firmware | 2023-12-10 | N/A | 9.8 CRITICAL |
In TOTOLINK A860R V4.1.2cu.5182_B20201027 in cstecgi.cgi, the acquired parameters are directly put into the system for execution without filtering, resulting in a command injection vulnerability. | |||||
CVE-2022-41521 | 1 Totolink | 2 Nr1800x, Nr1800x Firmware | 2023-12-10 | N/A | 8.8 HIGH |
TOTOLINK NR1800X V9.1.0u.6279_B20210910 was discovered to contain an authenticated stack overflow via the sPort/ePort parameter in the setIpPortFilterRules function. | |||||
CVE-2022-40111 | 1 Totolink | 2 A3002r, A3002r Firmware | 2023-12-10 | N/A | 9.8 CRITICAL |
In TOTOLINK A3002R TOTOLINK-A3002R-He-V1.1.1-B20200824.0128 in the shadow.sample file, root is hardcoded in the firmware. | |||||
CVE-2022-32047 | 1 Totolink | 2 T6, T6 Firmware | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
TOTOLINK T6 V4.1.9cu.5179_B20201015 was discovered to contain a stack overflow via the desc parameter in the function FUN_00412ef4. | |||||
CVE-2022-41520 | 1 Totolink | 2 Nr1800x, Nr1800x Firmware | 2023-12-10 | N/A | 8.8 HIGH |
TOTOLINK NR1800X V9.1.0u.6279_B20210910 was discovered to contain an authenticated stack overflow via the File parameter in the UploadCustomModule function. | |||||
CVE-2022-36611 | 1 Totolink | 2 A800r, A800r Firmware | 2023-12-10 | N/A | 7.8 HIGH |
TOTOLINK A800R V4.1.2cu.5137_B20200730 was discovered to contain a hardcoded password for root at /etc/shadow.sample. |