Filtered by vendor Totolink
Subscriptions
Total
679 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-28495 | 1 Totolink | 2 Cp900, Cp900 Firmware | 2025-02-20 | 9.8 Critical |
| TOTOLink outdoor CPE CP900 V6.3c.566_B20171026 is discovered to contain a command injection vulnerability in the setWebWlanIdx function via the webWlanIdx parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request. | ||||
| CVE-2023-27232 | 1 Totolink | 2 A7100ru, A7100ru Firmware | 2025-02-18 | 9.8 Critical |
| TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the wanStrategy parameter at /setting/setWanIeCfg. | ||||
| CVE-2023-27231 | 1 Totolink | 2 A7100ru, A7100ru Firmware | 2025-02-18 | 9.8 Critical |
| TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the downBw parameter at /setting/setWanIeCfg. | ||||
| CVE-2023-27229 | 1 Totolink | 2 A7100ru, A7100ru Firmware | 2025-02-18 | 9.8 Critical |
| TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the upBw parameter at /setting/setWanIeCfg. | ||||
| CVE-2024-36783 | 1 Totolink | 1 Lr350 Firmware | 2025-02-13 | 9.8 Critical |
| TOTOLINK LR350 V9.3.5u.6369_B20220309 was discovered to contain a command injection via the host_time parameter in the NTPSyncWithHost function. | ||||
| CVE-2024-35403 | 1 Totolink | 1 Cp900 L | 2025-02-13 | 2.7 Low |
| TOTOLINK CP900L v4.1.5cu.798_B20221228 was discovered to contain a stack overflow via the desc parameter in the function setIpPortFilterRules | ||||
| CVE-2024-35399 | 1 Totolink | 1 Cp900l Firmware | 2025-02-13 | 8.8 High |
| TOTOLINK CP900L v4.1.5cu.798_B20221228 was discovered to contain a stack overflow via the password parameter in the function loginAuth | ||||
| CVE-2024-35398 | 1 Totolink | 1 Cp900 L | 2025-02-13 | 9.8 Critical |
| TOTOLINK CP900L v4.1.5cu.798_B20221228 was discovered to contain a stack overflow via the desc parameter in the function setMacFilterRules. | ||||
| CVE-2024-35397 | 1 Totolink | 1 Cp900l Firmware | 2025-02-13 | 8.8 High |
| TOTOLINK CP900L v4.1.5cu.798_B20221228 weas discovered to contain a command injection vulnerability in the NTPSyncWithHost function via the hostTime parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request. | ||||
| CVE-2024-35396 | 1 Totolink | 1 Cp900 | 2025-02-13 | 9.8 Critical |
| TOTOLINK CP900L v4.1.5cu.798_B20221228 was discovered to contain a hardcoded password for telnet in /web_cste/cgi-bin/product.ini, which allows attackers to log in as root. | ||||
| CVE-2024-35395 | 1 Totolink | 1 Cp900 L | 2025-02-13 | 8.8 High |
| TOTOLINK CP900L v4.1.5cu.798_B20221228 was discovered to contain a hardcoded password vulnerability in /etc/shadow.sample, which allows attackers to log in as root. | ||||
| CVE-2024-35388 | 1 Totolink | 1 Nr1800x | 2025-02-13 | 8.8 High |
| TOTOLINK NR1800X v9.1.0u.6681_B20230703 was discovered to contain a stack overflow via the password parameter in the function urldecode | ||||
| CVE-2024-35387 | 1 Totolink | 1 Lr350 | 2025-02-13 | 9.8 Critical |
| TOTOLINK LR350 V9.3.5u.6369_B20220309 was discovered to contain a stack overflow via the http_host parameter in the function loginAuth. | ||||
| CVE-2024-35099 | 1 Totolink | 1 Lr350 Firmware | 2025-02-13 | 9.8 Critical |
| TOTOLINK LR350 V9.3.5u.6698_B20230810 was discovered to contain a stack overflow via the password parameter in the function loginAuth. | ||||
| CVE-2024-34921 | 1 Totolink | 1 X5000r Firmware | 2025-02-13 | 8.8 High |
| TOTOLINK X5000R v9.1.0cu.2350_B20230313 was discovered to contain a command injection via the disconnectVPN function. | ||||
| CVE-2024-34308 | 1 Totolink | 1 Lr350 Firmware | 2025-02-13 | 8.8 High |
| TOTOLINK LR350 V9.3.5u.6369_B20220309 was discovered to contain a stack overflow via the password parameter in the function urldecode. | ||||
| CVE-2024-34219 | 1 Totolink | 1 Cp450 Firmware | 2025-02-13 | 8.6 High |
| TOTOLINK CP450 V4.1.0cu.747_B20191224 was discovered to contain a vulnerability in the SetTelnetCfg function, which allows attackers to log in through telnet. | ||||
| CVE-2024-34218 | 1 Totolink | 1 Cp450 | 2025-02-13 | 3.8 Low |
| TOTOLINK outdoor CPE CP450 v4.1.0cu.747_B20191224 was discovered to contain a command injection vulnerability in the NTPSyncWithHost function via the hostTime parameter. | ||||
| CVE-2024-34217 | 1 Totolink | 1 Cp450 Firmware | 2025-02-13 | 7.7 High |
| TOTOLINK CP450 v4.1.0cu.747_B20191224 was discovered to contain a stack buffer overflow vulnerability in the addWlProfileClientMode function. | ||||
| CVE-2024-34215 | 1 Totolink | 1 Cp450 | 2025-02-13 | 7.3 High |
| TOTOLINK CP450 v4.1.0cu.747_B20191224 was discovered to contain a stack buffer overflow vulnerability in the setUrlFilterRules function. | ||||