A3700R
by Totolink
CVEs (43)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2023-46574 | Cri | 0.69 | 9.8 | 0.65 | Oct 25, 2023 | An issue in TOTOLINK A3700R v.9.1.2u.6165_20211012 allows a remote attacker to execute arbitrary code via the FileName parameter of the UploadFirmwareFile function. | ||
| CVE-2024-42545 | Cri | 0.64 | 9.8 | 0.01 | Aug 12, 2024 | TOTOLINK A3700R v9.1.2u.5822_B20200513 has a buffer overflow vulnerability in the ssid parameter in setWizardCfg function. | ||
| CVE-2024-42543 | Cri | 0.64 | 9.8 | 0.01 | Aug 12, 2024 | TOTOLINK A3700R v9.1.2u.5822_B20200513 has a buffer overflow vulnerability in the http_host parameter in the loginauth function. | ||
| CVE-2024-37637 | Cri | 0.64 | 9.8 | 0.01 | Jun 14, 2024 | TOTOLINK A3700R V9.1.2u.6165_20211012 was discovered to contain a stack overflow via ssid5g in the function setWizardCfg. | ||
| CVE-2024-37635 | Cri | 0.64 | 9.8 | 0.01 | Jun 13, 2024 | TOTOLINK A3700R V9.1.2u.6165_20211012 was discovered to contain a stack overflow via ssid in the function setWiFiBasicCfg | ||
| CVE-2024-37634 | Cri | 0.64 | 9.8 | 0.01 | Jun 13, 2024 | TOTOLINK A3700R V9.1.2u.6165_20211012 was discovered to contain a stack overflow via ssid in the function setWiFiEasyCfg. | ||
| CVE-2024-37632 | Cri | 0.64 | 9.8 | 0.01 | Jun 13, 2024 | TOTOLINK A3700R V9.1.2u.6165_20211012 was discovered to contain a stack overflow via the password parameter in function loginAuth . | ||
| CVE-2024-22663 | Cri | 0.64 | 9.8 | 0.02 | Jan 23, 2024 | TOTOLINK_A3700R_V9.1.2u.6165_20211012has a command Injection vulnerability via setOpModeCfg | ||
| CVE-2024-22662 | Cri | 0.64 | 9.8 | 0.01 | Jan 23, 2024 | TOTOLINK A3700R_V9.1.2u.6165_20211012 has a stack overflow vulnerability via setParentalRules | ||
| CVE-2024-22660 | Cri | 0.64 | 9.8 | 0.01 | Jan 23, 2024 | TOTOLINK_A3700R_V9.1.2u.6165_20211012has a stack overflow vulnerability via setLanguageCfg | ||
| CVE-2023-52031 | Cri | 0.64 | 9.8 | 0.02 | Jan 11, 2024 | TOTOlink A3700R v9.1.2u.5822_B20200513 was discovered to contain a remote command execution (RCE) vulnerability via the UploadFirmwareFile function. | ||
| CVE-2023-52030 | Cri | 0.64 | 9.8 | 0.02 | Jan 11, 2024 | TOTOlink A3700R v9.1.2u.5822_B20200513 was discovered to contain a remote command execution (RCE) vulnerability via the setOpModeCfg function. | ||
| CVE-2023-52029 | Cri | 0.64 | 9.8 | 0.02 | Jan 11, 2024 | TOTOlink A3700R v9.1.2u.5822_B20200513 was discovered to contain a remote command execution (RCE) vulnerability via the setDiagnosisCfg function. | ||
| CVE-2023-52028 | Cri | 0.64 | 9.8 | 0.02 | Jan 11, 2024 | TOTOlink A3700R v9.1.2u.5822_B20200513 was discovered to contain a remote command execution (RCE) vulnerability via the setTracerouteCfg function. | ||
| CVE-2023-52027 | Cri | 0.64 | 9.8 | 0.02 | Jan 11, 2024 | TOTOlink A3700R v9.1.2u.5822_B20200513 was discovered to contain a remote command execution (RCE) vulnerability via the NTPSyncWithHost function. | ||
| CVE-2023-50147 | Cri | 0.64 | 9.8 | 0.01 | Dec 22, 2023 | There is an arbitrary command execution vulnerability in the setDiagnosisCfg function of the cstecgi .cgi of the TOTOlink A3700R router device in its firmware version V9.1.2u.5822_B20200513. | ||
| CVE-2023-43141 | Cri | 0.64 | 9.8 | 0.01 | Sep 25, 2023 | TOTOLINK A3700R V9.1.2u.6134_B20201202 and N600R V5.3c.5137 are vulnerable to Incorrect Access Control. | ||
| CVE-2024-37640 | Hig | 0.57 | 8.8 | 0.01 | Jun 14, 2024 | TOTOLINK A3700R V9.1.2u.6165_20211012 was discovered to contain a stack overflow via ssid5g in the function setWiFiEasyGuestCfg. | ||
| CVE-2024-37639 | Hig | 0.57 | 8.8 | 0.01 | Jun 14, 2024 | TOTOLINK A3700R V9.1.2u.6165_20211012 was discovered to contain a stack overflow via eport in the function setIpPortFilterRules. | ||
| CVE-2024-37633 | Hig | 0.57 | 8.8 | 0.01 | Jun 13, 2024 | TOTOLINK A3700R V9.1.2u.6165_20211012 was discovered to contain a stack overflow via ssid in the function setWiFiGuestCfg |
- risk 0.69cvss 9.8epss 0.65
An issue in TOTOLINK A3700R v.9.1.2u.6165_20211012 allows a remote attacker to execute arbitrary code via the FileName parameter of the UploadFirmwareFile function.
- risk 0.64cvss 9.8epss 0.01
TOTOLINK A3700R v9.1.2u.5822_B20200513 has a buffer overflow vulnerability in the ssid parameter in setWizardCfg function.
- risk 0.64cvss 9.8epss 0.01
TOTOLINK A3700R v9.1.2u.5822_B20200513 has a buffer overflow vulnerability in the http_host parameter in the loginauth function.
- risk 0.64cvss 9.8epss 0.01
TOTOLINK A3700R V9.1.2u.6165_20211012 was discovered to contain a stack overflow via ssid5g in the function setWizardCfg.
- risk 0.64cvss 9.8epss 0.01
TOTOLINK A3700R V9.1.2u.6165_20211012 was discovered to contain a stack overflow via ssid in the function setWiFiBasicCfg
- risk 0.64cvss 9.8epss 0.01
TOTOLINK A3700R V9.1.2u.6165_20211012 was discovered to contain a stack overflow via ssid in the function setWiFiEasyCfg.
- risk 0.64cvss 9.8epss 0.01
TOTOLINK A3700R V9.1.2u.6165_20211012 was discovered to contain a stack overflow via the password parameter in function loginAuth .
- risk 0.64cvss 9.8epss 0.02
TOTOLINK_A3700R_V9.1.2u.6165_20211012has a command Injection vulnerability via setOpModeCfg
- risk 0.64cvss 9.8epss 0.01
TOTOLINK A3700R_V9.1.2u.6165_20211012 has a stack overflow vulnerability via setParentalRules
- risk 0.64cvss 9.8epss 0.01
TOTOLINK_A3700R_V9.1.2u.6165_20211012has a stack overflow vulnerability via setLanguageCfg
- risk 0.64cvss 9.8epss 0.02
TOTOlink A3700R v9.1.2u.5822_B20200513 was discovered to contain a remote command execution (RCE) vulnerability via the UploadFirmwareFile function.
- risk 0.64cvss 9.8epss 0.02
TOTOlink A3700R v9.1.2u.5822_B20200513 was discovered to contain a remote command execution (RCE) vulnerability via the setOpModeCfg function.
- risk 0.64cvss 9.8epss 0.02
TOTOlink A3700R v9.1.2u.5822_B20200513 was discovered to contain a remote command execution (RCE) vulnerability via the setDiagnosisCfg function.
- risk 0.64cvss 9.8epss 0.02
TOTOlink A3700R v9.1.2u.5822_B20200513 was discovered to contain a remote command execution (RCE) vulnerability via the setTracerouteCfg function.
- risk 0.64cvss 9.8epss 0.02
TOTOlink A3700R v9.1.2u.5822_B20200513 was discovered to contain a remote command execution (RCE) vulnerability via the NTPSyncWithHost function.
- risk 0.64cvss 9.8epss 0.01
There is an arbitrary command execution vulnerability in the setDiagnosisCfg function of the cstecgi .cgi of the TOTOlink A3700R router device in its firmware version V9.1.2u.5822_B20200513.
- risk 0.64cvss 9.8epss 0.01
TOTOLINK A3700R V9.1.2u.6134_B20201202 and N600R V5.3c.5137 are vulnerable to Incorrect Access Control.
- risk 0.57cvss 8.8epss 0.01
TOTOLINK A3700R V9.1.2u.6165_20211012 was discovered to contain a stack overflow via ssid5g in the function setWiFiEasyGuestCfg.
- risk 0.57cvss 8.8epss 0.01
TOTOLINK A3700R V9.1.2u.6165_20211012 was discovered to contain a stack overflow via eport in the function setIpPortFilterRules.
- risk 0.57cvss 8.8epss 0.01
TOTOLINK A3700R V9.1.2u.6165_20211012 was discovered to contain a stack overflow via ssid in the function setWiFiGuestCfg
Page 1 of 3