VYPR

Lr350 Firmware

by Totolink

CVEs (7)

  • CVE-2026-4976HigMar 27, 2026
    risk 0.57cvss 8.8epss 0.01

    A vulnerability was found in Totolink LR350 9.3.5u.6369_B20220309. This vulnerability affects the function setWiFiGuestCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument ssid results in buffer overflow. The attack can be launched remotely. The exploit has…

  • CVE-2026-1150MedJan 19, 2026
    risk 0.41cvss 6.3epss 0.02

    A security flaw has been discovered in Totolink LR350 9.3.5u.6369_B20220309. Impacted is the function setTracerouteCfg of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. The manipulation of the argument command results in command injection. The attack can be…

  • CVE-2026-1149MedJan 19, 2026
    risk 0.41cvss 6.3epss 0.03

    A vulnerability was identified in Totolink LR350 9.3.5u.6369_B20220309. This issue affects the function setDiagnosisCfg of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. The manipulation of the argument ip leads to command injection. The attack can be…

  • CVE-2026-1158Jan 19, 2026
    risk 0.00cvss epss 0.01

    A security flaw has been discovered in Totolink LR350 9.3.5u.6369_B20220309. This vulnerability affects the function setWizardCfg of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. Performing a manipulation of the argument ssid results in buffer overflow.…

  • CVE-2026-1157Jan 19, 2026
    risk 0.00cvss epss 0.01

    A vulnerability was identified in Totolink LR350 9.3.5u.6369_B20220309. This affects the function setWiFiEasyCfg of the file /cgi-bin/cstecgi.cgi. Such manipulation of the argument ssid leads to buffer overflow. It is possible to launch the attack remotely. The exploit is…

  • CVE-2026-1156Jan 19, 2026
    risk 0.00cvss epss 0.01

    A vulnerability was determined in Totolink LR350 9.3.5u.6369_B20220309. Affected by this issue is the function setWiFiBasicCfg of the file /cgi-bin/cstecgi.cgi. This manipulation of the argument ssid causes buffer overflow. It is possible to initiate the attack remotely. The…

  • CVE-2026-1155Jan 19, 2026
    risk 0.00cvss epss 0.01

    A vulnerability was found in Totolink LR350 9.3.5u.6369_B20220309. Affected by this vulnerability is the function setWiFiEasyGuestCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument ssid results in buffer overflow. The attack may be performed from remote. The…