VYPR

A3700R

by Totolink

CVEs (43)

  • CVE-2023-46574CriOct 25, 2023
    risk 0.69cvss 9.8epss 0.65

    An issue in TOTOLINK A3700R v.9.1.2u.6165_20211012 allows a remote attacker to execute arbitrary code via the FileName parameter of the UploadFirmwareFile function.

  • CVE-2024-42545CriAug 12, 2024
    risk 0.64cvss 9.8epss 0.01

    TOTOLINK A3700R v9.1.2u.5822_B20200513 has a buffer overflow vulnerability in the ssid parameter in setWizardCfg function.

  • CVE-2024-42543CriAug 12, 2024
    risk 0.64cvss 9.8epss 0.01

    TOTOLINK A3700R v9.1.2u.5822_B20200513 has a buffer overflow vulnerability in the http_host parameter in the loginauth function.

  • CVE-2024-37637CriJun 14, 2024
    risk 0.64cvss 9.8epss 0.01

    TOTOLINK A3700R V9.1.2u.6165_20211012 was discovered to contain a stack overflow via ssid5g in the function setWizardCfg.

  • CVE-2024-37635CriJun 13, 2024
    risk 0.64cvss 9.8epss 0.01

    TOTOLINK A3700R V9.1.2u.6165_20211012 was discovered to contain a stack overflow via ssid in the function setWiFiBasicCfg

  • CVE-2024-37634CriJun 13, 2024
    risk 0.64cvss 9.8epss 0.01

    TOTOLINK A3700R V9.1.2u.6165_20211012 was discovered to contain a stack overflow via ssid in the function setWiFiEasyCfg.

  • CVE-2024-37632CriJun 13, 2024
    risk 0.64cvss 9.8epss 0.01

    TOTOLINK A3700R V9.1.2u.6165_20211012 was discovered to contain a stack overflow via the password parameter in function loginAuth .

  • CVE-2024-22663CriJan 23, 2024
    risk 0.64cvss 9.8epss 0.02

    TOTOLINK_A3700R_V9.1.2u.6165_20211012has a command Injection vulnerability via setOpModeCfg

  • CVE-2024-22662CriJan 23, 2024
    risk 0.64cvss 9.8epss 0.01

    TOTOLINK A3700R_V9.1.2u.6165_20211012 has a stack overflow vulnerability via setParentalRules

  • CVE-2024-22660CriJan 23, 2024
    risk 0.64cvss 9.8epss 0.01

    TOTOLINK_A3700R_V9.1.2u.6165_20211012has a stack overflow vulnerability via setLanguageCfg

  • CVE-2023-52031CriJan 11, 2024
    risk 0.64cvss 9.8epss 0.02

    TOTOlink A3700R v9.1.2u.5822_B20200513 was discovered to contain a remote command execution (RCE) vulnerability via the UploadFirmwareFile function.

  • CVE-2023-52030CriJan 11, 2024
    risk 0.64cvss 9.8epss 0.02

    TOTOlink A3700R v9.1.2u.5822_B20200513 was discovered to contain a remote command execution (RCE) vulnerability via the setOpModeCfg function.

  • CVE-2023-52029CriJan 11, 2024
    risk 0.64cvss 9.8epss 0.02

    TOTOlink A3700R v9.1.2u.5822_B20200513 was discovered to contain a remote command execution (RCE) vulnerability via the setDiagnosisCfg function.

  • CVE-2023-52028CriJan 11, 2024
    risk 0.64cvss 9.8epss 0.02

    TOTOlink A3700R v9.1.2u.5822_B20200513 was discovered to contain a remote command execution (RCE) vulnerability via the setTracerouteCfg function.

  • CVE-2023-52027CriJan 11, 2024
    risk 0.64cvss 9.8epss 0.02

    TOTOlink A3700R v9.1.2u.5822_B20200513 was discovered to contain a remote command execution (RCE) vulnerability via the NTPSyncWithHost function.

  • CVE-2023-50147CriDec 22, 2023
    risk 0.64cvss 9.8epss 0.01

    There is an arbitrary command execution vulnerability in the setDiagnosisCfg function of the cstecgi .cgi of the TOTOlink A3700R router device in its firmware version V9.1.2u.5822_B20200513.

  • CVE-2023-43141CriSep 25, 2023
    risk 0.64cvss 9.8epss 0.01

    TOTOLINK A3700R V9.1.2u.6134_B20201202 and N600R V5.3c.5137 are vulnerable to Incorrect Access Control.

  • CVE-2024-37640HigJun 14, 2024
    risk 0.57cvss 8.8epss 0.01

    TOTOLINK A3700R V9.1.2u.6165_20211012 was discovered to contain a stack overflow via ssid5g in the function setWiFiEasyGuestCfg.

  • CVE-2024-37639HigJun 14, 2024
    risk 0.57cvss 8.8epss 0.01

    TOTOLINK A3700R V9.1.2u.6165_20211012 was discovered to contain a stack overflow via eport in the function setIpPortFilterRules.

  • CVE-2024-37633HigJun 13, 2024
    risk 0.57cvss 8.8epss 0.01

    TOTOLINK A3700R V9.1.2u.6165_20211012 was discovered to contain a stack overflow via ssid in the function setWiFiGuestCfg

Page 1 of 3