VYPR

A7100RU

by Totolink

CVEs (72)

  • CVE-2023-24184CriFeb 21, 2023
    risk 0.64cvss 9.8epss 0.01

    TOTOLink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability.

  • CVE-2023-24238CriFeb 16, 2023
    risk 0.64cvss 9.8epss 0.02

    TOTOlink A7100RU(V7.4cu.2313_B20191024) was discovered to contain a command injection vulnerability via the city parameter at setting/delStaticDhcpRules.

  • CVE-2023-24236CriFeb 16, 2023
    risk 0.64cvss 9.8epss 0.02

    TOTOlink A7100RU(V7.4cu.2313_B20191024) was discovered to contain a command injection vulnerability via the province parameter at setting/delStaticDhcpRules.

  • CVE-2023-24276CriFeb 6, 2023
    risk 0.64cvss 9.8epss 0.02

    TOTOlink A7100RU(V7.4cu.2313_B20191024) was discovered to contain a command injection vulnerability via the country parameter at setting/delStaticDhcpRules.

  • CVE-2022-48126CriJan 20, 2023
    risk 0.64cvss 9.8epss 0.02

    TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the username parameter in the setting/setOpenVpnCertGenerationCfg function.

  • CVE-2022-48125CriJan 20, 2023
    risk 0.64cvss 9.8epss 0.02

    TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the password parameter in the setting/setOpenVpnCertGenerationCfg function.

  • CVE-2022-48124CriJan 20, 2023
    risk 0.64cvss 9.8epss 0.02

    TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the FileName parameter in the setting/setOpenVpnCertGenerationCfg function.

  • CVE-2022-48123CriJan 20, 2023
    risk 0.64cvss 9.8epss 0.02

    TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the servername parameter in the setting/delStaticDhcpRules function.

  • CVE-2022-48122CriJan 20, 2023
    risk 0.64cvss 9.8epss 0.02

    TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the dayvalid parameter in the setting/delStaticDhcpRules function.

  • CVE-2022-48121CriJan 20, 2023
    risk 0.64cvss 9.8epss 0.02

    TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the rsabits parameter in the setting/delStaticDhcpRules function.

  • CVE-2022-47853CriJan 17, 2023
    risk 0.64cvss 9.8epss 0.02

    TOTOlink A7100RU V7.4cu.2313_B20191024 is vulnerable to Command Injection Vulnerability in the httpd service. An attacker can obtain a stable root shell through a specially constructed payload.

  • CVE-2022-46634CriDec 15, 2022
    risk 0.64cvss 9.8epss 0.02

    TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the wscDisabled parameter in the setting/setWiFiWpsCfg function.

  • CVE-2022-46631CriDec 15, 2022
    risk 0.64cvss 9.8epss 0.02

    TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the wscDisabled parameter in the setting/setWiFiSignalCfg function.

  • CVE-2022-44844CriNov 25, 2022
    risk 0.64cvss 9.8epss 0.02

    TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the pass parameter in the setting/setOpenVpnCfg function.

  • CVE-2022-44843CriNov 25, 2022
    risk 0.64cvss 9.8epss 0.02

    TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the port parameter in the setting/setOpenVpnClientCfg function.

  • CVE-2022-28584CriMay 5, 2022
    risk 0.64cvss 9.8epss 0.03

    It is found that there is a command injection vulnerability in the setWiFiWpsStart interface in TOTOlink A7100RU (v7.4cu.2313_b20191024) router, which allows an attacker to execute arbitrary commands through a carefully constructed payload.

  • CVE-2022-28583CriMay 5, 2022
    risk 0.64cvss 9.8epss 0.03

    It is found that there is a command injection vulnerability in the setWiFiWpsCfg interface in TOTOlink A7100RU (v7.4cu.2313_b20191024) router, which allows an attacker to execute arbitrary commands through a carefully constructed payload.

  • CVE-2022-28582CriMay 5, 2022
    risk 0.64cvss 9.8epss 0.03

    It is found that there is a command injection vulnerability in the setWiFiSignalCfg interface in TOTOlink A7100RU (v7.4cu.2313_b20191024) router, which allows an attacker to execute arbitrary commands through a carefully constructed payload.

  • CVE-2022-28581CriMay 5, 2022
    risk 0.64cvss 9.8epss 0.03

    It is found that there is a command injection vulnerability in the setWiFiAdvancedCfg interface in TOTOlink A7100RU (v7.4cu.2313_b20191024) router, which allows an attacker to execute arbitrary commands through a carefully constructed payload.

  • CVE-2022-28580CriMay 5, 2022
    risk 0.64cvss 9.8epss 0.03

    It is found that there is a command injection vulnerability in the setL2tpServerCfg interface in TOTOlink A7100RU (v7.4cu.2313_b20191024) router, which allows an attacker to execute arbitrary commands through a carefully constructed payload.