T6
by Totolink
CVEs (16)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2022-38828 | Cri | 0.65 | 9.8 | 0.19 | Sep 16, 2022 | TOTOLINK T6 V4.1.5cu.709_B20210518 is vulnerable to command injection via cstecgi.cgi | ||
| CVE-2022-38827 | Cri | 0.65 | 9.8 | 0.12 | Sep 16, 2022 | TOTOLINK T6 V4.1.5cu.709_B20210518 is vulnerable to Buffer Overflow via cstecgi.cgi | ||
| CVE-2023-7221 | Cri | 0.64 | 9.8 | 0.02 | Jan 9, 2024 | A vulnerability was found in Totolink T6 4.1.9cu.5241_B20210923. It has been classified as critical. This affects the function main of the file /cgi-bin/cstecgi.cgi?action=login of the component HTTP POST Request Handler. The manipulation of the argument v41 leads to buffer… | ||
| CVE-2022-38826 | Cri | 0.64 | 9.8 | 0.01 | Sep 16, 2022 | In TOTOLINK T6 V4.1.5cu.709_B20210518, there is an execute arbitrary command in cstecgi.cgi. | ||
| CVE-2022-38823 | Cri | 0.64 | 9.8 | 0.01 | Sep 16, 2022 | In TOTOLINK T6 V4.1.5cu.709_B20210518, there is a hard coded password for root in /etc/shadow.sample. | ||
| CVE-2022-32053 | Hig | 0.49 | 7.5 | 0.01 | Jul 1, 2022 | TOTOLINK T6 V4.1.9cu.5179_B20201015 was discovered to contain a stack overflow via the cloneMac parameter in the function FUN_0041621c. | ||
| CVE-2022-32052 | Hig | 0.49 | 7.5 | 0.01 | Jul 1, 2022 | TOTOLINK T6 V4.1.9cu.5179_B20201015 was discovered to contain a stack overflow via the desc parameter in the function FUN_004137a4. | ||
| CVE-2022-32051 | Hig | 0.49 | 7.5 | 0.01 | Jul 1, 2022 | TOTOLINK T6 V4.1.9cu.5179_B20201015 was discovered to contain a stack overflow via the desc, week, sTime, eTime parameters in the function FUN_004133c4. | ||
| CVE-2022-32050 | Hig | 0.49 | 7.5 | 0.01 | Jul 1, 2022 | TOTOLINK T6 V4.1.9cu.5179_B20201015 was discovered to contain a stack overflow via the cloneMac parameter in the function FUN_0041af40. | ||
| CVE-2022-32049 | Hig | 0.49 | 7.5 | 0.01 | Jul 1, 2022 | TOTOLINK T6 V4.1.9cu.5179_B20201015 was discovered to contain a stack overflow via the url parameter in the function FUN_00418540. | ||
| CVE-2022-32048 | Hig | 0.49 | 7.5 | 0.01 | Jul 1, 2022 | TOTOLINK T6 V4.1.9cu.5179_B20201015 was discovered to contain a stack overflow via the command parameter in the function FUN_0041cc88. | ||
| CVE-2022-32047 | Hig | 0.49 | 7.5 | 0.01 | Jul 1, 2022 | TOTOLINK T6 V4.1.9cu.5179_B20201015 was discovered to contain a stack overflow via the desc parameter in the function FUN_00412ef4. | ||
| CVE-2022-32046 | Hig | 0.49 | 7.5 | 0.01 | Jul 1, 2022 | TOTOLINK T6 V4.1.9cu.5179_B20201015 was discovered to contain a stack overflow via the desc parameter in the function FUN_0041880c. | ||
| CVE-2022-32045 | Hig | 0.49 | 7.5 | 0.01 | Jul 1, 2022 | TOTOLINK T6 V4.1.9cu.5179_B20201015 was discovered to contain a stack overflow via the desc parameter in the function FUN_00413be4. | ||
| CVE-2022-32044 | Hig | 0.49 | 7.5 | 0.01 | Jul 1, 2022 | TOTOLINK T6 V4.1.9cu.5179_B20201015 was discovered to contain a stack overflow via the password parameter in the function FUN_00413f80. | ||
| CVE-2023-7223 | Med | 0.35 | 5.3 | 0.01 | Jan 9, 2024 | A vulnerability classified as problematic has been found in Totolink T6 4.1.9cu.5241_B20210923. This affects an unknown part of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument topicurl with the input showSyslog leads to improper access controls. It is possible to… |
- risk 0.65cvss 9.8epss 0.19
TOTOLINK T6 V4.1.5cu.709_B20210518 is vulnerable to command injection via cstecgi.cgi
- risk 0.65cvss 9.8epss 0.12
TOTOLINK T6 V4.1.5cu.709_B20210518 is vulnerable to Buffer Overflow via cstecgi.cgi
- risk 0.64cvss 9.8epss 0.02
A vulnerability was found in Totolink T6 4.1.9cu.5241_B20210923. It has been classified as critical. This affects the function main of the file /cgi-bin/cstecgi.cgi?action=login of the component HTTP POST Request Handler. The manipulation of the argument v41 leads to buffer…
- risk 0.64cvss 9.8epss 0.01
In TOTOLINK T6 V4.1.5cu.709_B20210518, there is an execute arbitrary command in cstecgi.cgi.
- risk 0.64cvss 9.8epss 0.01
In TOTOLINK T6 V4.1.5cu.709_B20210518, there is a hard coded password for root in /etc/shadow.sample.
- risk 0.49cvss 7.5epss 0.01
TOTOLINK T6 V4.1.9cu.5179_B20201015 was discovered to contain a stack overflow via the cloneMac parameter in the function FUN_0041621c.
- risk 0.49cvss 7.5epss 0.01
TOTOLINK T6 V4.1.9cu.5179_B20201015 was discovered to contain a stack overflow via the desc parameter in the function FUN_004137a4.
- risk 0.49cvss 7.5epss 0.01
TOTOLINK T6 V4.1.9cu.5179_B20201015 was discovered to contain a stack overflow via the desc, week, sTime, eTime parameters in the function FUN_004133c4.
- risk 0.49cvss 7.5epss 0.01
TOTOLINK T6 V4.1.9cu.5179_B20201015 was discovered to contain a stack overflow via the cloneMac parameter in the function FUN_0041af40.
- risk 0.49cvss 7.5epss 0.01
TOTOLINK T6 V4.1.9cu.5179_B20201015 was discovered to contain a stack overflow via the url parameter in the function FUN_00418540.
- risk 0.49cvss 7.5epss 0.01
TOTOLINK T6 V4.1.9cu.5179_B20201015 was discovered to contain a stack overflow via the command parameter in the function FUN_0041cc88.
- risk 0.49cvss 7.5epss 0.01
TOTOLINK T6 V4.1.9cu.5179_B20201015 was discovered to contain a stack overflow via the desc parameter in the function FUN_00412ef4.
- risk 0.49cvss 7.5epss 0.01
TOTOLINK T6 V4.1.9cu.5179_B20201015 was discovered to contain a stack overflow via the desc parameter in the function FUN_0041880c.
- risk 0.49cvss 7.5epss 0.01
TOTOLINK T6 V4.1.9cu.5179_B20201015 was discovered to contain a stack overflow via the desc parameter in the function FUN_00413be4.
- risk 0.49cvss 7.5epss 0.01
TOTOLINK T6 V4.1.9cu.5179_B20201015 was discovered to contain a stack overflow via the password parameter in the function FUN_00413f80.
- risk 0.35cvss 5.3epss 0.01
A vulnerability classified as problematic has been found in Totolink T6 4.1.9cu.5241_B20210923. This affects an unknown part of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument topicurl with the input showSyslog leads to improper access controls. It is possible to…