VYPR

A3700R

by Totolink

CVEs (43)

  • CVE-2024-37631HigJun 13, 2024
    risk 0.57cvss 8.8epss 0.01

    TOTOLINK A3700R V9.1.2u.6165_20211012 was discovered to contain a stack overflow via the File parameter in function UploadCustomModule.

  • CVE-2023-48192HigNov 20, 2023
    risk 0.51cvss 7.8epss 0.00

    An issue in TOTOlink A3700R v.9.1.2u.6134_B20201202 allows a local attacker to execute arbitrary code via the setTracerouteCfg function.

  • CVE-2022-36466HigAug 25, 2022
    risk 0.51cvss 7.8epss 0.00

    TOTOLINK A3700R V9.1.2u.6134_B20201202 was discovered to contain a stack overflow via the ip parameter in the function setDiagnosisCfg.

  • CVE-2022-36465HigAug 25, 2022
    risk 0.51cvss 7.8epss 0.00

    TOTOLINK A3700R V9.1.2u.6134_B20201202 was discovered to contain a stack overflow via the pppoeUser parameter.

  • CVE-2022-36464HigAug 25, 2022
    risk 0.51cvss 7.8epss 0.00

    TOTOLINK A3700R V9.1.2u.6134_B20201202 was discovered to contain a stack overflow via the sPort parameter in the function setIpPortFilterRules.

  • CVE-2022-36463HigAug 25, 2022
    risk 0.51cvss 7.8epss 0.00

    TOTOLINK A3700R V9.1.2u.6134_B20201202 was discovered to contain a stack overflow via the command parameter in the function setTracerouteCfg.

  • CVE-2022-36462HigAug 25, 2022
    risk 0.51cvss 7.8epss 0.00

    TOTOLINK A3700R V9.1.2u.6134_B20201202 was discovered to contain a stack overflow via the lang parameter in the function setLanguageCfg.

  • CVE-2022-36461HigAug 25, 2022
    risk 0.51cvss 7.8epss 0.01

    TOTOLINK A3700R V9.1.2u.6134_B20201202 was discovered to contain a command injection vulnerability via the hostName parameter in the function setOpModeCfg.

  • CVE-2022-36460HigAug 25, 2022
    risk 0.51cvss 7.8epss 0.01

    TOTOLINK A3700R V9.1.2u.6134_B20201202 was discovered to contain a command injection vulnerability via the FileName parameter in the function UploadFirmwareFile.

  • CVE-2022-36459HigAug 25, 2022
    risk 0.51cvss 7.8epss 0.01

    TOTOLINK A3700R V9.1.2u.6134_B20201202 was discovered to contain a command injection vulnerability via the host_time parameter in the function NTPSyncWithHost.

  • CVE-2022-36458HigAug 25, 2022
    risk 0.51cvss 7.8epss 0.01

    TOTOLINK A3700R V9.1.2u.6134_B20201202 was discovered to contain a command injection vulnerability via the command parameter in the function setTracerouteCfg.

  • CVE-2024-7160MedJul 28, 2024
    risk 0.41cvss 6.3epss 0.03

    A vulnerability classified as critical has been found in TOTOLINK A3700R 9.1.2u.5822_B20200513. Affected is the function setWanCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument hostName leads to command injection. It is possible to launch the attack…

  • CVE-2024-7156MedJul 28, 2024
    risk 0.36cvss 5.3epss 0.13

    A vulnerability was found in TOTOLINK A3700R 9.1.2u.5822_B20200513 and classified as problematic. Affected by this issue is some unknown functionality of the file /cgi-bin/ExportSettings.sh of the component apmib Configuration Handler. The manipulation leads to information…

  • CVE-2025-3668MedApr 16, 2025
    risk 0.35cvss 5.3epss 0.01

    A vulnerability was found in TOTOLINK A3700R 9.1.2u.5822_B20200513. It has been declared as critical. This vulnerability affects the function setScheduleCfg of the file /cgi-bin/cstecgi.cgi. The manipulation leads to improper access controls. The attack can be initiated…

  • CVE-2025-3663MedApr 16, 2025
    risk 0.35cvss 5.3epss 0.08

    A vulnerability, which was classified as critical, has been found in TOTOLINK A3700R 9.1.2u.5822_B20200513. This issue affects the function setWiFiEasyCfg/setWiFiEasyGuestCfg of the file /cgi-bin/cstecgi.cgi of the component Password Handler. The manipulation leads to improper…

  • CVE-2025-3675MedApr 16, 2025
    risk 0.34cvss 5.3epss 0.00

    A vulnerability was found in TOTOLINK A3700R 9.1.2u.5822_B20200513. It has been rated as critical. Affected by this issue is the function setL2tpServerCfg of the file /cgi-bin/cstecgi.cgi. The manipulation leads to improper access controls. The attack may be launched remotely.…

  • CVE-2025-3674MedApr 16, 2025
    risk 0.34cvss 5.3epss 0.00

    A vulnerability was found in TOTOLINK A3700R 9.1.2u.5822_B20200513. It has been declared as critical. Affected by this vulnerability is the function setUrlFilterRules of the file /cgi-bin/cstecgi.cgi. The manipulation leads to improper access controls. The attack can be launched…

  • CVE-2025-3667MedApr 16, 2025
    risk 0.34cvss 5.3epss 0.01

    A vulnerability was found in TOTOLINK A3700R 9.1.2u.5822_B20200513. It has been classified as critical. This affects the function setUPnPCfg of the file /cgi-bin/cstecgi.cgi. The manipulation leads to improper access controls. It is possible to initiate the attack remotely. The…

  • CVE-2025-3666MedApr 16, 2025
    risk 0.34cvss 5.3epss 0.01

    A vulnerability was found in TOTOLINK A3700R 9.1.2u.5822_B20200513 and classified as critical. Affected by this issue is the function setDdnsCfg of the file /cgi-bin/cstecgi.cgi. The manipulation leads to improper access controls. The attack may be launched remotely. The exploit…

  • CVE-2025-3665MedApr 16, 2025
    risk 0.34cvss 5.3epss 0.01

    A vulnerability has been found in TOTOLINK A3700R 9.1.2u.5822_B20200513 and classified as critical. Affected by this vulnerability is the function setSmartQosCfg of the file /cgi-bin/cstecgi.cgi. The manipulation leads to improper access controls. The attack can be launched…