Filtered by vendor Totolink
Subscribe
Total
747 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-36954 | 1 Totolink | 2 Cp300\+, Cp300\+ Firmware | 2024-11-21 | N/A | 9.8 CRITICAL |
| TOTOLINK CP300+ V5.2cu.7594_B20200910 and before is vulnerable to command injection. | |||||
| CVE-2023-36953 | 1 Totolink | 2 Cp300\+, Cp300\+ Firmware | 2024-11-21 | N/A | 9.8 CRITICAL |
| TOTOLINK CP300+ V5.2cu.7594_B20200910 and before is vulnerable to command injection. | |||||
| CVE-2023-36952 | 1 Totolink | 2 Cp300\+, Cp300\+ Firmware | 2024-11-21 | N/A | 9.8 CRITICAL |
| TOTOLINK CP300+ V5.2cu.7594_B20200910 was discovered to contain a stack overflow via the pingIp parameter in the function setDiagnosisCfg. | |||||
| CVE-2023-36950 | 1 Totolink | 4 A7000r, A7000r Firmware, X5000r and 1 more | 2024-11-21 | N/A | 9.8 CRITICAL |
| TOTOLINK X5000R V9.1.0u.6118_B20201102 and TOTOLINK A7000R V9.1.0u.6115_B20201022 was discovered to contain a stack overflow via the http_host parameter in the function loginAuth. | |||||
| CVE-2023-36947 | 1 Totolink | 4 A7000r, A7000r Firmware, X5000r and 1 more | 2024-11-21 | N/A | 9.8 CRITICAL |
| TOTOLINK X5000R V9.1.0u.6118_B20201102 and TOTOLINK A7000R V9.1.0u.6115_B20201022 was discovered to contain a stack overflow via the File parameter in the function UploadCustomModule. | |||||
| CVE-2023-36340 | 1 Totolink | 2 Nr1800x, Nr1800x Firmware | 2024-11-21 | N/A | 9.8 CRITICAL |
| TOTOLINK NR1800X V9.1.0u.6279_B20210910 was discovered to contain a stack overflow via the http_host parameter in the function loginAuth. | |||||
| CVE-2023-34669 | 1 Totolink | 2 Cp300\+, Cp300\+ Firmware | 2024-11-21 | N/A | 7.5 HIGH |
| TOTOLINK CP300+ V5.2cu.7594 contains a Denial of Service vulnerability in function RebootSystem of the file lib/cste_modules/system which can reboot the system. | |||||
| CVE-2023-2790 | 1 Totolink | 2 N200re, N200re Firmware | 2024-11-21 | 1.4 LOW | 2.3 LOW |
| A vulnerability classified as problematic has been found in TOTOLINK N200RE 9.3.5u.6255_B20211224. Affected is an unknown function of the file /squashfs-root/etc_ro/custom.conf of the component Telnet Service. The manipulation leads to password in configuration file. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. VDB-229374 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2023-29799 | 1 Totolink | 2 X18, X18 Firmware | 2024-11-21 | N/A | 9.8 CRITICAL |
| TOTOLINK X18 V9.1.0cu.2024_B20220329 was discovered to contain a command injection vulnerability via the hostname parameter in the setOpModeCfg function. | |||||
| CVE-2023-25395 | 1 Totolink | 2 A7100ru, A7100ru Firmware | 2024-11-21 | N/A | 9.8 CRITICAL |
| TOTOlink A7100RU V7.4cu.2313_B20191024 router was discovered to contain a command injection vulnerability via the ou parameter at /setting/delStaticDhcpRules. | |||||
| CVE-2022-46025 | 1 Totolink | 2 N200re V5, N200re V5 Firmware | 2024-11-21 | N/A | 9.1 CRITICAL |
| Totolink N200RE_V5 V9.3.5u.6255_B20211224 is vulnerable to Incorrect Access Control. The device allows remote attackers to obtain Wi-Fi system information, such as Wi-Fi SSID and Wi-Fi password, without logging into the management page. | |||||
| CVE-2022-41528 | 1 Totolink | 2 Nr1800x, Nr1800x Firmware | 2024-11-21 | N/A | 8.8 HIGH |
| TOTOLINK NR1800X V9.1.0u.6279_B20210910 was discovered to contain an authenticated stack overflow via the text parameter in the setSmsCfg function. | |||||
| CVE-2022-41527 | 1 Totolink | 2 Nr1800x, Nr1800x Firmware | 2024-11-21 | N/A | 8.8 HIGH |
| TOTOLINK NR1800X V9.1.0u.6279_B20210910 was discovered to contain an authenticated stack overflow via the pppoeUser parameter in the setOpModeCfg function. | |||||
| CVE-2022-41526 | 1 Totolink | 2 Nr1800x, Nr1800x Firmware | 2024-11-21 | N/A | 8.8 HIGH |
| TOTOLINK NR1800X V9.1.0u.6279_B20210910 was discovered to contain an authenticated stack overflow via the ip parameter in the setDiagnosisCfg function. | |||||
| CVE-2022-41525 | 1 Totolink | 2 Nr1800x, Nr1800x Firmware | 2024-11-21 | N/A | 9.8 CRITICAL |
| TOTOLINK NR1800X V9.1.0u.6279_B20210910 was discovered to contain a command injection vulnerability via the OpModeCfg function at /cgi-bin/cstecgi.cgi. | |||||
| CVE-2022-41524 | 1 Totolink | 2 Nr1800x, Nr1800x Firmware | 2024-11-21 | N/A | 8.8 HIGH |
| TOTOLINK NR1800X V9.1.0u.6279_B20210910 was discovered to contain an authenticated stack overflow via the week, sTime, and eTime parameters in the setParentalRules function. | |||||
| CVE-2022-41523 | 1 Totolink | 2 Nr1800x, Nr1800x Firmware | 2024-11-21 | N/A | 8.8 HIGH |
| TOTOLINK NR1800X V9.1.0u.6279_B20210910 was discovered to contain an authenticated stack overflow via the command parameter in the setTracerouteCfg function. | |||||
| CVE-2022-41522 | 1 Totolink | 2 Nr1800x, Nr1800x Firmware | 2024-11-21 | N/A | 9.8 CRITICAL |
| TOTOLINK NR1800X V9.1.0u.6279_B20210910 was discovered to contain an unauthenticated stack overflow via the "main" function. | |||||
| CVE-2022-41521 | 1 Totolink | 2 Nr1800x, Nr1800x Firmware | 2024-11-21 | N/A | 8.8 HIGH |
| TOTOLINK NR1800X V9.1.0u.6279_B20210910 was discovered to contain an authenticated stack overflow via the sPort/ePort parameter in the setIpPortFilterRules function. | |||||
| CVE-2022-41520 | 1 Totolink | 2 Nr1800x, Nr1800x Firmware | 2024-11-21 | N/A | 8.8 HIGH |
| TOTOLINK NR1800X V9.1.0u.6279_B20210910 was discovered to contain an authenticated stack overflow via the File parameter in the UploadCustomModule function. | |||||