VYPR

A3600R

by Totolink

CVEs (25)

  • CVE-2024-7181MedJul 29, 2024
    risk 0.41cvss 6.3epss 0.03

    A vulnerability classified as critical was found in TOTOLINK A3600R 4.1.2cu.5182_B20201102. This vulnerability affects the function setTelnetCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument telnet_enabled leads to command injection. The attack can be…

  • CVE-2024-7175MedJul 29, 2024
    risk 0.41cvss 6.3epss 0.03

    A vulnerability has been found in TOTOLINK A3600R 4.1.2cu.5182_B20201102 and classified as critical. This vulnerability affects the function setDiagnosisCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument ipDoamin leads to os command injection. The attack can…

  • CVE-2024-7171MedJul 28, 2024
    risk 0.41cvss 6.3epss 0.03

    A vulnerability classified as critical has been found in TOTOLINK A3600R 4.1.2cu.5182_B20201102. Affected is the function NTPSyncWithHost of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument hostTime leads to os command injection. It is possible to launch the…

  • CVE-2024-7159MedJul 28, 2024
    risk 0.36cvss 5.5epss 0.01

    A vulnerability was found in TOTOLINK A3600R 4.1.2cu.5182_B20201102. It has been rated as critical. This issue affects some unknown processing of the file /web_cste/cgi-bin/product.ini of the component Telnet Service. The manipulation leads to use of hard-coded password. The…

  • CVE-2026-1686Jan 30, 2026
    risk 0.00cvss epss 0.01

    A security flaw has been discovered in Totolink A3600R 5.9c.4959. This issue affects the function setAppEasyWizardConfig in the library /lib/cste_modules/app.so. Performing a manipulation of the argument apcliSsid results in buffer overflow. It is possible to initiate the attack…

Page 2 of 2