Filtered by vendor Totolink
Subscriptions
Total
703 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-27135 | 1 Totolink | 2 A7100ru, A7100ru Firmware | 2025-02-25 | 9.8 Critical |
| TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the enabled parameter at /setting/setWanIeCfg. | ||||
| CVE-2022-28491 | 1 Totolink | 2 Cp900, Cp900 Firmware | 2025-02-25 | 9.8 Critical |
| TOTOLink outdoor CPE CP900 V6.3c.566_B20171026 contains a command injection vulnerability in the NTPSyncWithHost function via the host_name parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request. | ||||
| CVE-2022-28492 | 1 Totolink | 2 Cp900, Cp900 Firmware | 2025-02-25 | 9.8 Critical |
| TOTOLINK Technology CPE with firmware V6.3c.566 ,allows remote attackers to bypass Login. | ||||
| CVE-2022-28493 | 1 Totolink | 2 Cp900, Cp900 Firmware | 2025-02-25 | 9.8 Critical |
| A vulnerability in TOTOLINK CP900 V6.3c.566 allows attackers to start the Telnet service, | ||||
| CVE-2022-28494 | 1 Totolink | 2 Cp900, Cp900 Firmware | 2025-02-25 | 9.8 Critical |
| TOTOLink outdoor CPE CP900 V6.3c.566_B20171026 is discovered to contain a command injection vulnerability in the setUpgradeFW function via the filename parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request. | ||||
| CVE-2022-28496 | 1 Totolink | 2 Cp900, Cp900 Firmware | 2025-02-25 | 9.8 Critical |
| TOTOLink outdoor CPE CP900 V6.3c.566_B20171026 discovered to contain a command injection vulnerability in the setPasswordCfg function via the adminuser and adminpassparameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request. | ||||
| CVE-2022-28497 | 1 Totolink | 2 Cp900, Cp900 Firmware | 2025-02-25 | 9.8 Critical |
| TOTOLink outdoor CPE CP900 V6.3c.566_B20171026 is discovered to contain a command injection vulnerability in the mtd_write_bootloader function via the filename parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request. | ||||
| CVE-2022-28495 | 1 Totolink | 2 Cp900, Cp900 Firmware | 2025-02-20 | 9.8 Critical |
| TOTOLink outdoor CPE CP900 V6.3c.566_B20171026 is discovered to contain a command injection vulnerability in the setWebWlanIdx function via the webWlanIdx parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request. | ||||
| CVE-2023-27232 | 1 Totolink | 2 A7100ru, A7100ru Firmware | 2025-02-18 | 9.8 Critical |
| TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the wanStrategy parameter at /setting/setWanIeCfg. | ||||
| CVE-2023-27231 | 1 Totolink | 2 A7100ru, A7100ru Firmware | 2025-02-18 | 9.8 Critical |
| TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the downBw parameter at /setting/setWanIeCfg. | ||||
| CVE-2023-27229 | 1 Totolink | 2 A7100ru, A7100ru Firmware | 2025-02-18 | 9.8 Critical |
| TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the upBw parameter at /setting/setWanIeCfg. | ||||
| CVE-2024-36783 | 1 Totolink | 1 Lr350 Firmware | 2025-02-13 | 9.8 Critical |
| TOTOLINK LR350 V9.3.5u.6369_B20220309 was discovered to contain a command injection via the host_time parameter in the NTPSyncWithHost function. | ||||
| CVE-2024-35403 | 1 Totolink | 1 Cp900 L | 2025-02-13 | 2.7 Low |
| TOTOLINK CP900L v4.1.5cu.798_B20221228 was discovered to contain a stack overflow via the desc parameter in the function setIpPortFilterRules | ||||
| CVE-2024-35399 | 1 Totolink | 1 Cp900l Firmware | 2025-02-13 | 8.8 High |
| TOTOLINK CP900L v4.1.5cu.798_B20221228 was discovered to contain a stack overflow via the password parameter in the function loginAuth | ||||
| CVE-2024-35398 | 1 Totolink | 1 Cp900 L | 2025-02-13 | 9.8 Critical |
| TOTOLINK CP900L v4.1.5cu.798_B20221228 was discovered to contain a stack overflow via the desc parameter in the function setMacFilterRules. | ||||
| CVE-2024-35397 | 1 Totolink | 1 Cp900l Firmware | 2025-02-13 | 8.8 High |
| TOTOLINK CP900L v4.1.5cu.798_B20221228 weas discovered to contain a command injection vulnerability in the NTPSyncWithHost function via the hostTime parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request. | ||||
| CVE-2024-35396 | 1 Totolink | 1 Cp900 | 2025-02-13 | 9.8 Critical |
| TOTOLINK CP900L v4.1.5cu.798_B20221228 was discovered to contain a hardcoded password for telnet in /web_cste/cgi-bin/product.ini, which allows attackers to log in as root. | ||||
| CVE-2024-35395 | 1 Totolink | 1 Cp900 L | 2025-02-13 | 8.8 High |
| TOTOLINK CP900L v4.1.5cu.798_B20221228 was discovered to contain a hardcoded password vulnerability in /etc/shadow.sample, which allows attackers to log in as root. | ||||
| CVE-2024-35388 | 1 Totolink | 1 Nr1800x | 2025-02-13 | 8.8 High |
| TOTOLINK NR1800X v9.1.0u.6681_B20230703 was discovered to contain a stack overflow via the password parameter in the function urldecode | ||||
| CVE-2024-35387 | 1 Totolink | 1 Lr350 | 2025-02-13 | 9.8 Critical |
| TOTOLINK LR350 V9.3.5u.6369_B20220309 was discovered to contain a stack overflow via the http_host parameter in the function loginAuth. | ||||