Filtered by vendor Totolink
Subscribe
Total
514 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2022-36611 | 1 Totolink | 2 A800r, A800r Firmware | 2023-12-10 | N/A | 7.8 HIGH |
TOTOLINK A800R V4.1.2cu.5137_B20200730 was discovered to contain a hardcoded password for root at /etc/shadow.sample. | |||||
CVE-2022-38535 | 1 Totolink | 2 A720r, A720r Firmware | 2023-12-10 | N/A | 7.2 HIGH |
TOTOLINK-720R v4.1.5cu.374 was discovered to contain a remote code execution (RCE) vulnerability via the setTracerouteCfg function. | |||||
CVE-2022-36483 | 1 Totolink | 2 N350rt, N350rt Firmware | 2023-12-10 | N/A | 7.8 HIGH |
TOTOLINK N350RT V9.3.5u.6139_B20201216 was discovered to contain a stack overflow via the pppoeUser parameter. | |||||
CVE-2022-37842 | 1 Totolink | 2 A860r, A860r Firmware | 2023-12-10 | N/A | 9.8 CRITICAL |
In TOTOLINK A860R V4.1.2cu.5182_B20201027, the parameters in infostat.cgi are not filtered, causing a buffer overflow vulnerability. | |||||
CVE-2022-38308 | 1 Totolink | 2 A7000ru, A7000ru Firmware | 2023-12-10 | N/A | 9.8 CRITICAL |
TOTOLink A700RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the lang parameter in the function cstesystem. This vulnerability allows attackers to execute arbitrary commands via a crafted payload. | |||||
CVE-2022-38828 | 1 Totolink | 2 T6, T6 Firmware | 2023-12-10 | N/A | 9.8 CRITICAL |
TOTOLINK T6 V4.1.5cu.709_B20210518 is vulnerable to command injection via cstecgi.cgi | |||||
CVE-2022-36463 | 1 Totolink | 2 A3700r, A3700r Firmware | 2023-12-10 | N/A | 7.8 HIGH |
TOTOLINK A3700R V9.1.2u.6134_B20201202 was discovered to contain a stack overflow via the command parameter in the function setTracerouteCfg. | |||||
CVE-2022-36458 | 1 Totolink | 2 A3700r, A3700r Firmware | 2023-12-10 | N/A | 7.8 HIGH |
TOTOLINK A3700R V9.1.2u.6134_B20201202 was discovered to contain a command injection vulnerability via the command parameter in the function setTracerouteCfg. | |||||
CVE-2022-37081 | 1 Totolink | 2 A7000r, A7000r Firmware | 2023-12-10 | N/A | 7.8 HIGH |
TOTOLINK A7000R V9.1.0u.6115_B20201022 was discovered to contain a command injection vulnerability via the command parameter at setting/setTracerouteCfg. | |||||
CVE-2022-36616 | 1 Totolink | 2 A810r, A810r Firmware | 2023-12-10 | N/A | 7.8 HIGH |
TOTOLINK A810R V4.1.2cu.5182_B20201026 and V5.9c.4050_B20190424 was discovered to contain a hardcoded password for root at /etc/shadow.sample. | |||||
CVE-2022-36460 | 1 Totolink | 2 A3700r, A3700r Firmware | 2023-12-10 | N/A | 7.8 HIGH |
TOTOLINK A3700R V9.1.2u.6134_B20201202 was discovered to contain a command injection vulnerability via the FileName parameter in the function UploadFirmwareFile. | |||||
CVE-2022-41522 | 1 Totolink | 2 Nr1800x, Nr1800x Firmware | 2023-12-10 | N/A | 9.8 CRITICAL |
TOTOLINK NR1800X V9.1.0u.6279_B20210910 was discovered to contain an unauthenticated stack overflow via the "main" function. | |||||
CVE-2022-41525 | 1 Totolink | 2 Nr1800x, Nr1800x Firmware | 2023-12-10 | N/A | 9.8 CRITICAL |
TOTOLINK NR1800X V9.1.0u.6279_B20210910 was discovered to contain a command injection vulnerability via the OpModeCfg function at /cgi-bin/cstecgi.cgi. | |||||
CVE-2022-32052 | 1 Totolink | 2 T6, T6 Firmware | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
TOTOLINK T6 V4.1.9cu.5179_B20201015 was discovered to contain a stack overflow via the desc parameter in the function FUN_004137a4. | |||||
CVE-2022-38823 | 1 Totolink | 2 T6, T6 Firmware | 2023-12-10 | N/A | 9.8 CRITICAL |
In TOTOLINK T6 V4.1.5cu.709_B20210518, there is a hard coded password for root in /etc/shadow.sample. | |||||
CVE-2022-36613 | 1 Totolink | 2 N600r, N600r Firmware | 2023-12-10 | N/A | 7.8 HIGH |
TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a hardcoded password for root at /etc/shadow.sample. | |||||
CVE-2022-36465 | 1 Totolink | 2 A3700r, A3700r Firmware | 2023-12-10 | N/A | 7.8 HIGH |
TOTOLINK A3700R V9.1.2u.6134_B20201202 was discovered to contain a stack overflow via the pppoeUser parameter. | |||||
CVE-2022-36456 | 1 Totolink | 2 A720r, A720r Firmware | 2023-12-10 | N/A | 7.8 HIGH |
TOTOLink A720R V4.1.5cu.532_B20210610 was discovered to contain a command injection vulnerability via the username parameter in /cstecgi.cgi. | |||||
CVE-2022-34993 | 1 Totolink | 2 A3600r, A3600r Firmware | 2023-12-10 | N/A | 9.8 CRITICAL |
Totolink A3600R_Firmware V4.1.2cu.5182_B20201102 contains a hard code password for root in /etc/shadow.sample. | |||||
CVE-2022-36480 | 1 Totolink | 2 N350rt, N350rt Firmware | 2023-12-10 | N/A | 7.8 HIGH |
TOTOLINK N350RT V9.3.5u.6139_B20201216 was discovered to contain a stack overflow via the command parameter in the function setTracerouteCfg. |