VYPR

T6

by Totolink

CVEs (16)

  • CVE-2022-38828CriSep 16, 2022
    risk 0.65cvss 9.8epss 0.19

    TOTOLINK T6 V4.1.5cu.709_B20210518 is vulnerable to command injection via cstecgi.cgi

  • CVE-2022-38827CriSep 16, 2022
    risk 0.65cvss 9.8epss 0.12

    TOTOLINK T6 V4.1.5cu.709_B20210518 is vulnerable to Buffer Overflow via cstecgi.cgi

  • CVE-2023-7221CriJan 9, 2024
    risk 0.64cvss 9.8epss 0.02

    A vulnerability was found in Totolink T6 4.1.9cu.5241_B20210923. It has been classified as critical. This affects the function main of the file /cgi-bin/cstecgi.cgi?action=login of the component HTTP POST Request Handler. The manipulation of the argument v41 leads to buffer…

  • CVE-2022-38826CriSep 16, 2022
    risk 0.64cvss 9.8epss 0.01

    In TOTOLINK T6 V4.1.5cu.709_B20210518, there is an execute arbitrary command in cstecgi.cgi.

  • CVE-2022-38823CriSep 16, 2022
    risk 0.64cvss 9.8epss 0.01

    In TOTOLINK T6 V4.1.5cu.709_B20210518, there is a hard coded password for root in /etc/shadow.sample.

  • CVE-2022-32053HigJul 1, 2022
    risk 0.49cvss 7.5epss 0.01

    TOTOLINK T6 V4.1.9cu.5179_B20201015 was discovered to contain a stack overflow via the cloneMac parameter in the function FUN_0041621c.

  • CVE-2022-32052HigJul 1, 2022
    risk 0.49cvss 7.5epss 0.01

    TOTOLINK T6 V4.1.9cu.5179_B20201015 was discovered to contain a stack overflow via the desc parameter in the function FUN_004137a4.

  • CVE-2022-32051HigJul 1, 2022
    risk 0.49cvss 7.5epss 0.01

    TOTOLINK T6 V4.1.9cu.5179_B20201015 was discovered to contain a stack overflow via the desc, week, sTime, eTime parameters in the function FUN_004133c4.

  • CVE-2022-32050HigJul 1, 2022
    risk 0.49cvss 7.5epss 0.01

    TOTOLINK T6 V4.1.9cu.5179_B20201015 was discovered to contain a stack overflow via the cloneMac parameter in the function FUN_0041af40.

  • CVE-2022-32049HigJul 1, 2022
    risk 0.49cvss 7.5epss 0.01

    TOTOLINK T6 V4.1.9cu.5179_B20201015 was discovered to contain a stack overflow via the url parameter in the function FUN_00418540.

  • CVE-2022-32048HigJul 1, 2022
    risk 0.49cvss 7.5epss 0.01

    TOTOLINK T6 V4.1.9cu.5179_B20201015 was discovered to contain a stack overflow via the command parameter in the function FUN_0041cc88.

  • CVE-2022-32047HigJul 1, 2022
    risk 0.49cvss 7.5epss 0.01

    TOTOLINK T6 V4.1.9cu.5179_B20201015 was discovered to contain a stack overflow via the desc parameter in the function FUN_00412ef4.

  • CVE-2022-32046HigJul 1, 2022
    risk 0.49cvss 7.5epss 0.01

    TOTOLINK T6 V4.1.9cu.5179_B20201015 was discovered to contain a stack overflow via the desc parameter in the function FUN_0041880c.

  • CVE-2022-32045HigJul 1, 2022
    risk 0.49cvss 7.5epss 0.01

    TOTOLINK T6 V4.1.9cu.5179_B20201015 was discovered to contain a stack overflow via the desc parameter in the function FUN_00413be4.

  • CVE-2022-32044HigJul 1, 2022
    risk 0.49cvss 7.5epss 0.01

    TOTOLINK T6 V4.1.9cu.5179_B20201015 was discovered to contain a stack overflow via the password parameter in the function FUN_00413f80.

  • CVE-2023-7223MedJan 9, 2024
    risk 0.35cvss 5.3epss 0.01

    A vulnerability classified as problematic has been found in Totolink T6 4.1.9cu.5241_B20210923. This affects an unknown part of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument topicurl with the input showSyslog leads to improper access controls. It is possible to…