Filtered by vendor Totolink
Subscribe
Total
514 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-36462 | 1 Totolink | 2 A3700r, A3700r Firmware | 2023-12-10 | N/A | 7.8 HIGH |
| TOTOLINK A3700R V9.1.2u.6134_B20201202 was discovered to contain a stack overflow via the lang parameter in the function setLanguageCfg. | |||||
| CVE-2022-35491 | 1 Totolink | 2 A3002ru, A3002ru Firmware | 2023-12-10 | N/A | 9.8 CRITICAL |
| TOTOLINK A3002RU V3.0.0-B20220304.1804 has a hardcoded password for root in /etc/shadow.sample. | |||||
| CVE-2022-37075 | 1 Totolink | 2 A7000r, A7000r Firmware | 2023-12-10 | N/A | 7.8 HIGH |
| TOTOLink A7000R V9.1.0u.6115_B20201022 was discovered to contain a stack overflow via the ip parameter in the function setDiagnosisCfg. | |||||
| CVE-2022-36614 | 1 Totolink | 2 A860r, A860r Firmware | 2023-12-10 | N/A | 7.8 HIGH |
| TOTOLINK A860R V4.1.2cu.5182_B20201027 was discovered to contain a hardcoded password for root at /etc/shadow.sample. | |||||
| CVE-2022-37078 | 1 Totolink | 2 A7000r, A7000r Firmware | 2023-12-10 | N/A | 7.8 HIGH |
| TOTOLINK A7000R V9.1.0u.6115_B20201022 was discovered to contain a command injection vulnerability via the lang parameter at /setting/setLanguageCfg. | |||||
| CVE-2022-37077 | 1 Totolink | 2 A7000r, A7000r Firmware | 2023-12-10 | N/A | 7.8 HIGH |
| TOTOLINK A7000R V9.1.0u.6115_B20201022 was discovered to contain a stack overflow via the pppoeUser parameter. | |||||
| CVE-2022-37076 | 1 Totolink | 2 A7000r, A7000r Firmware | 2023-12-10 | N/A | 7.8 HIGH |
| TOTOLINK A7000R V9.1.0u.6115_B20201022 was discovered to contain a command injection vulnerability via the FileName parameter in the function UploadFirmwareFile. | |||||
| CVE-2022-36615 | 1 Totolink | 2 A3000ru, A3000ru Firmware | 2023-12-10 | N/A | 7.8 HIGH |
| TOTOLINK A3000RU V4.1.2cu.5185_B20201128 was discovered to contain a hardcoded password for root at /etc/shadow.sample. | |||||
| CVE-2022-32449 | 1 Totolink | 2 Ex300 V2, Ex300 V2 Firmware | 2023-12-10 | 10.0 HIGH | 9.8 CRITICAL |
| TOTOLINK EX300_V2 V4.0.3c.7484 was discovered to contain a command injection vulnerability via the langType parameter in the setLanguageCfg function. This vulnerability is exploitable via a crafted MQTT data packet. | |||||
| CVE-2022-37082 | 1 Totolink | 2 A7000r, A7000r Firmware | 2023-12-10 | N/A | 7.8 HIGH |
| TOTOLINK A7000R V9.1.0u.6115_B20201022 was discovered to contain a command injection vulnerability via the host_time parameter at the function NTPSyncWithHost. | |||||
| CVE-2022-37840 | 1 Totolink | 2 A860r, A860r Firmware | 2023-12-10 | N/A | 9.8 CRITICAL |
| In TOTOLINK A860R V4.1.2cu.5182_B20201027, the main function in downloadfile.cgi has a buffer overflow vulnerability. | |||||
| CVE-2022-40110 | 1 Totolink | 2 A3002r, A3002r Firmware | 2023-12-10 | N/A | 7.5 HIGH |
| TOTOLINK A3002R TOTOLINK-A3002R-He-V1.1.1-B20200824.0128 is vulnerable to Buffer Overflow via /bin/boa. | |||||
| CVE-2022-32993 | 1 Totolink | 2 A7000r, A7000r Firmware | 2023-12-10 | N/A | 9.8 CRITICAL |
| TOTOLINK A7000R V4.1cu.4134 was discovered to contain an access control issue via /cgi-bin/ExportSettings.sh. | |||||
| CVE-2022-32048 | 1 Totolink | 2 T6, T6 Firmware | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
| TOTOLINK T6 V4.1.9cu.5179_B20201015 was discovered to contain a stack overflow via the command parameter in the function FUN_0041cc88. | |||||
| CVE-2022-32049 | 1 Totolink | 2 T6, T6 Firmware | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
| TOTOLINK T6 V4.1.9cu.5179_B20201015 was discovered to contain a stack overflow via the url parameter in the function FUN_00418540. | |||||
| CVE-2022-41518 | 1 Totolink | 2 Nr1800x, Nr1800x Firmware | 2023-12-10 | N/A | 9.8 CRITICAL |
| TOTOLINK NR1800X V9.1.0u.6279_B20210910 was discovered to contain a command injection vulnerability via the UploadFirmwareFile function at /cgi-bin/cstecgi.cgi. | |||||
| CVE-2022-41517 | 1 Totolink | 2 Nr1800x, Nr1800x Firmware | 2023-12-10 | N/A | 8.8 HIGH |
| TOTOLINK NR1800X V9.1.0u.6279_B20210910 was discovered to contain a stack overflow in the lang parameter in the setLanguageCfg function | |||||
| CVE-2022-36466 | 1 Totolink | 2 A3700r, A3700r Firmware | 2023-12-10 | N/A | 7.8 HIGH |
| TOTOLINK A3700R V9.1.2u.6134_B20201202 was discovered to contain a stack overflow via the ip parameter in the function setDiagnosisCfg. | |||||
| CVE-2022-36488 | 1 Totolink | 2 N350rt, N350rt Firmware | 2023-12-10 | N/A | 7.8 HIGH |
| TOTOLINK N350RT V9.3.5u.6139_B20201216 was discovered to contain a stack overflow via the sPort parameter in the function setIpPortFilterRules. | |||||
| CVE-2022-40475 | 1 Totolink | 2 A860r, A860r Firmware | 2023-12-10 | N/A | 9.8 CRITICAL |
| TOTOLINK A860R V4.1.2cu.5182_B20201027 was discovered to contain a command injection via the component /cgi-bin/downloadFile.cgi. | |||||