Total
21 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-22660 | 1 Totolink | 2 A3700r, A3700r Firmware | 2024-01-29 | N/A | 9.8 CRITICAL |
| TOTOLINK_A3700R_V9.1.2u.6165_20211012has a stack overflow vulnerability via setLanguageCfg | |||||
| CVE-2024-22662 | 1 Totolink | 2 A3700r, A3700r Firmware | 2024-01-29 | N/A | 9.8 CRITICAL |
| TOTOLINK A3700R_V9.1.2u.6165_20211012 has a stack overflow vulnerability via setParentalRules | |||||
| CVE-2024-22663 | 1 Totolink | 2 A3700r, A3700r Firmware | 2024-01-29 | N/A | 9.8 CRITICAL |
| TOTOLINK_A3700R_V9.1.2u.6165_20211012has a command Injection vulnerability via setOpModeCfg | |||||
| CVE-2023-52027 | 1 Totolink | 2 A3700r, A3700r Firmware | 2024-01-17 | N/A | 9.8 CRITICAL |
| TOTOlink A3700R v9.1.2u.5822_B20200513 was discovered to contain a remote command execution (RCE) vulnerability via the NTPSyncWithHost function. | |||||
| CVE-2023-52028 | 1 Totolink | 2 A3700r, A3700r Firmware | 2024-01-17 | N/A | 9.8 CRITICAL |
| TOTOlink A3700R v9.1.2u.5822_B20200513 was discovered to contain a remote command execution (RCE) vulnerability via the setTracerouteCfg function. | |||||
| CVE-2023-52029 | 1 Totolink | 2 A3700r, A3700r Firmware | 2024-01-17 | N/A | 9.8 CRITICAL |
| TOTOlink A3700R v9.1.2u.5822_B20200513 was discovered to contain a remote command execution (RCE) vulnerability via the setDiagnosisCfg function. | |||||
| CVE-2023-52030 | 1 Totolink | 2 A3700r, A3700r Firmware | 2024-01-17 | N/A | 9.8 CRITICAL |
| TOTOlink A3700R v9.1.2u.5822_B20200513 was discovered to contain a remote command execution (RCE) vulnerability via the setOpModeCfg function. | |||||
| CVE-2023-52031 | 1 Totolink | 2 A3700r, A3700r Firmware | 2024-01-17 | N/A | 9.8 CRITICAL |
| TOTOlink A3700R v9.1.2u.5822_B20200513 was discovered to contain a remote command execution (RCE) vulnerability via the UploadFirmwareFile function. | |||||
| CVE-2023-50147 | 1 Totolink | 2 A3700r, A3700r Firmware | 2023-12-29 | N/A | 9.8 CRITICAL |
| There is an arbitrary command execution vulnerability in the setDiagnosisCfg function of the cstecgi .cgi of the TOTOlink A3700R router device in its firmware version V9.1.2u.5822_B20200513. | |||||
| CVE-2023-48192 | 1 Totolink | 2 A3700r, A3700r Firmware | 2023-12-10 | N/A | 7.8 HIGH |
| An issue in TOTOlink A3700R v.9.1.2u.6134_B20201202 allows a local attacker to execute arbitrary code via the setTracerouteCfg function. | |||||
| CVE-2023-43141 | 1 Totolink | 4 A3700r, A3700r Firmware, N600r and 1 more | 2023-12-10 | N/A | 9.8 CRITICAL |
| TOTOLINK A3700R V9.1.2u.6134_B20201202 and N600R V5.3c.5137 are vulnerable to Incorrect Access Control. | |||||
| CVE-2023-46574 | 1 Totolink | 2 A3700r, A3700r Firmware | 2023-12-10 | N/A | 9.8 CRITICAL |
| An issue in TOTOLINK A3700R v.9.1.2u.6165_20211012 allows a remote attacker to execute arbitrary code via the FileName parameter of the UploadFirmwareFile function. | |||||
| CVE-2022-36461 | 1 Totolink | 2 A3700r, A3700r Firmware | 2023-12-10 | N/A | 7.8 HIGH |
| TOTOLINK A3700R V9.1.2u.6134_B20201202 was discovered to contain a command injection vulnerability via the hostName parameter in the function setOpModeCfg. | |||||
| CVE-2022-36459 | 1 Totolink | 2 A3700r, A3700r Firmware | 2023-12-10 | N/A | 7.8 HIGH |
| TOTOLINK A3700R V9.1.2u.6134_B20201202 was discovered to contain a command injection vulnerability via the host_time parameter in the function NTPSyncWithHost. | |||||
| CVE-2022-36464 | 1 Totolink | 2 A3700r, A3700r Firmware | 2023-12-10 | N/A | 7.8 HIGH |
| TOTOLINK A3700R V9.1.2u.6134_B20201202 was discovered to contain a stack overflow via the sPort parameter in the function setIpPortFilterRules. | |||||
| CVE-2022-36463 | 1 Totolink | 2 A3700r, A3700r Firmware | 2023-12-10 | N/A | 7.8 HIGH |
| TOTOLINK A3700R V9.1.2u.6134_B20201202 was discovered to contain a stack overflow via the command parameter in the function setTracerouteCfg. | |||||
| CVE-2022-36458 | 1 Totolink | 2 A3700r, A3700r Firmware | 2023-12-10 | N/A | 7.8 HIGH |
| TOTOLINK A3700R V9.1.2u.6134_B20201202 was discovered to contain a command injection vulnerability via the command parameter in the function setTracerouteCfg. | |||||
| CVE-2022-36460 | 1 Totolink | 2 A3700r, A3700r Firmware | 2023-12-10 | N/A | 7.8 HIGH |
| TOTOLINK A3700R V9.1.2u.6134_B20201202 was discovered to contain a command injection vulnerability via the FileName parameter in the function UploadFirmwareFile. | |||||
| CVE-2022-36465 | 1 Totolink | 2 A3700r, A3700r Firmware | 2023-12-10 | N/A | 7.8 HIGH |
| TOTOLINK A3700R V9.1.2u.6134_B20201202 was discovered to contain a stack overflow via the pppoeUser parameter. | |||||
| CVE-2022-36462 | 1 Totolink | 2 A3700r, A3700r Firmware | 2023-12-10 | N/A | 7.8 HIGH |
| TOTOLINK A3700R V9.1.2u.6134_B20201202 was discovered to contain a stack overflow via the lang parameter in the function setLanguageCfg. | |||||