Total
25 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-43141 | 1 Totolink | 4 A3700r, A3700r Firmware, N600r and 1 more | 2023-12-10 | N/A | 9.8 CRITICAL |
| TOTOLINK A3700R V9.1.2u.6134_B20201202 and N600R V5.3c.5137 are vulnerable to Incorrect Access Control. | |||||
| CVE-2022-36613 | 1 Totolink | 2 N600r, N600r Firmware | 2023-12-10 | N/A | 7.8 HIGH |
| TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a hardcoded password for root at /etc/shadow.sample. | |||||
| CVE-2022-29396 | 1 Totolink | 2 N600r, N600r Firmware | 2023-12-10 | 10.0 HIGH | 9.8 CRITICAL |
| TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the comment parameter in the function FUN_00418f10. | |||||
| CVE-2022-28911 | 1 Totolink | 2 N600r, N600r Firmware | 2023-12-10 | 10.0 HIGH | 9.8 CRITICAL |
| TOTOLink N600R V5.3c.7159_B20190425 was discovered to contain a command injection vulnerability via the filename parameter in /setting/CloudACMunualUpdate. | |||||
| CVE-2022-26188 | 1 Totolink | 2 N600r, N600r Firmware | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
| TOTOLINK N600R V4.3.0cu.7570_B20200620 was discovered to contain a command injection vulnerability via /setting/NTPSyncWithHost. | |||||
| CVE-2022-26186 | 1 Totolink | 2 N600r, N600r Firmware | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
| TOTOLINK N600R V4.3.0cu.7570_B20200620 was discovered to contain a command injection vulnerability via the exportOvpn interface at cstecgi.cgi. | |||||
| CVE-2022-29394 | 1 Totolink | 2 N600r, N600r Firmware | 2023-12-10 | 10.0 HIGH | 9.8 CRITICAL |
| TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the macAddress parameter in the function FUN_0041b448. | |||||
| CVE-2022-28909 | 1 Totolink | 2 N600r, N600r Firmware | 2023-12-10 | 10.0 HIGH | 9.8 CRITICAL |
| TOTOLink N600R V5.3c.7159_B20190425 was discovered to contain a command injection vulnerability via the webwlanidx parameter in /setting/setWebWlanIdx. | |||||
| CVE-2022-28913 | 1 Totolink | 2 N600r, N600r Firmware | 2023-12-10 | 10.0 HIGH | 9.8 CRITICAL |
| TOTOLink N600R V5.3c.7159_B20190425 was discovered to contain a command injection vulnerability via the filename parameter in /setting/setUploadSetting. | |||||
| CVE-2022-29399 | 1 Totolink | 2 N600r, N600r Firmware | 2023-12-10 | 10.0 HIGH | 9.8 CRITICAL |
| TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the url parameter in the function FUN_00415bf0. | |||||
| CVE-2022-28912 | 1 Totolink | 2 N600r, N600r Firmware | 2023-12-10 | 10.0 HIGH | 9.8 CRITICAL |
| TOTOLink N600R V5.3c.7159_B20190425 was discovered to contain a command injection vulnerability via the filename parameter in /setting/setUpgradeFW. | |||||
| CVE-2022-27411 | 1 Totolink | 2 N600r, N600r Firmware | 2023-12-10 | 10.0 HIGH | 9.8 CRITICAL |
| TOTOLINK N600R v5.3c.5507_B20171031 was discovered to contain a command injection vulnerability via the QUERY_STRING parameter in the "Main" function. | |||||
| CVE-2022-26189 | 1 Totolink | 2 N600r, N600r Firmware | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
| TOTOLINK N600R V4.3.0cu.7570_B20200620 was discovered to contain a command injection vulnerability via the langType parameter in the login interface. | |||||
| CVE-2022-29397 | 1 Totolink | 2 N600r, N600r Firmware | 2023-12-10 | 10.0 HIGH | 9.8 CRITICAL |
| TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the comment parameter in the function FUN_004196c8. | |||||
| CVE-2022-28906 | 1 Totolink | 2 N600r, N600r Firmware | 2023-12-10 | 10.0 HIGH | 9.8 CRITICAL |
| TOTOLink N600R V5.3c.7159_B20190425 was discovered to contain a command injection vulnerability via the langtype parameter in /setting/setLanguageCfg. | |||||
| CVE-2022-29398 | 1 Totolink | 2 N600r, N600r Firmware | 2023-12-10 | 10.0 HIGH | 9.8 CRITICAL |
| TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the File parameter in the function FUN_0041309c. | |||||
| CVE-2022-28908 | 1 Totolink | 2 N600r, N600r Firmware | 2023-12-10 | 10.0 HIGH | 9.8 CRITICAL |
| TOTOLink N600R V5.3c.7159_B20190425 was discovered to contain a command injection vulnerability via the ipdoamin parameter in /setting/setDiagnosisCfg. | |||||
| CVE-2022-29392 | 1 Totolink | 2 N600r, N600r Firmware | 2023-12-10 | 10.0 HIGH | 9.8 CRITICAL |
| TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the comment parameter in the function FUN_00418c24. | |||||
| CVE-2022-29395 | 1 Totolink | 2 N600r, N600r Firmware | 2023-12-10 | 10.0 HIGH | 9.8 CRITICAL |
| TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the apcliKey parameter in the function FUN_0041bac4. | |||||
| CVE-2022-29393 | 1 Totolink | 2 N600r, N600r Firmware | 2023-12-10 | 10.0 HIGH | 9.8 CRITICAL |
| TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the comment parameter in the function FUN_004192cc. | |||||