N600R
by Totolink
CVEs (38)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2022-26187 | Cri | 0.65 | 9.8 | 0.20 | Mar 22, 2022 | TOTOLINK N600R V4.3.0cu.7570_B20200620 was discovered to contain a command injection vulnerability via the pingCheck function. | ||
| CVE-2025-46060 | Cri | 0.64 | 9.8 | 0.01 | Jun 13, 2025 | Buffer Overflow vulnerability in TOTOLINK N600R v4.3.0cu.7866_B2022506 allows a remote attacker to execute arbitrary code via the UPLOAD_FILENAME component | ||
| CVE-2025-22900 | Cri | 0.64 | 9.8 | 0.00 | Apr 15, 2025 | Totolink N600R v4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the macCloneMac parameter in the setWanConfig function. | ||
| CVE-2023-43141 | Cri | 0.64 | 9.8 | 0.01 | Sep 25, 2023 | TOTOLINK A3700R V9.1.2u.6134_B20201202 and N600R V5.3c.5137 are vulnerable to Incorrect Access Control. | ||
| CVE-2022-29399 | Cri | 0.64 | 9.8 | 0.02 | May 10, 2022 | TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the url parameter in the function FUN_00415bf0. | ||
| CVE-2022-29398 | Cri | 0.64 | 9.8 | 0.02 | May 10, 2022 | TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the File parameter in the function FUN_0041309c. | ||
| CVE-2022-29397 | Cri | 0.64 | 9.8 | 0.02 | May 10, 2022 | TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the comment parameter in the function FUN_004196c8. | ||
| CVE-2022-29396 | Cri | 0.64 | 9.8 | 0.02 | May 10, 2022 | TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the comment parameter in the function FUN_00418f10. | ||
| CVE-2022-29395 | Cri | 0.64 | 9.8 | 0.02 | May 10, 2022 | TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the apcliKey parameter in the function FUN_0041bac4. | ||
| CVE-2022-29394 | Cri | 0.64 | 9.8 | 0.02 | May 10, 2022 | TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the macAddress parameter in the function FUN_0041b448. | ||
| CVE-2022-29393 | Cri | 0.64 | 9.8 | 0.02 | May 10, 2022 | TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the comment parameter in the function FUN_004192cc. | ||
| CVE-2022-29392 | Cri | 0.64 | 9.8 | 0.02 | May 10, 2022 | TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the comment parameter in the function FUN_00418c24. | ||
| CVE-2022-29391 | Cri | 0.64 | 9.8 | 0.02 | May 10, 2022 | TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the comment parameter in the function FUN_004200c8. | ||
| CVE-2022-28913 | Cri | 0.64 | 9.8 | 0.02 | May 10, 2022 | TOTOLink N600R V5.3c.7159_B20190425 was discovered to contain a command injection vulnerability via the filename parameter in /setting/setUploadSetting. | ||
| CVE-2022-28912 | Cri | 0.64 | 9.8 | 0.02 | May 10, 2022 | TOTOLink N600R V5.3c.7159_B20190425 was discovered to contain a command injection vulnerability via the filename parameter in /setting/setUpgradeFW. | ||
| CVE-2022-28911 | Cri | 0.64 | 9.8 | 0.02 | May 10, 2022 | TOTOLink N600R V5.3c.7159_B20190425 was discovered to contain a command injection vulnerability via the filename parameter in /setting/CloudACMunualUpdate. | ||
| CVE-2022-28910 | Cri | 0.64 | 9.8 | 0.02 | May 10, 2022 | TOTOLink N600R V5.3c.7159_B20190425 was discovered to contain a command injection vulnerability via the devicename parameter in /setting/setDeviceName. | ||
| CVE-2022-28909 | Cri | 0.64 | 9.8 | 0.02 | May 10, 2022 | TOTOLink N600R V5.3c.7159_B20190425 was discovered to contain a command injection vulnerability via the webwlanidx parameter in /setting/setWebWlanIdx. | ||
| CVE-2022-28908 | Cri | 0.64 | 9.8 | 0.02 | May 10, 2022 | TOTOLink N600R V5.3c.7159_B20190425 was discovered to contain a command injection vulnerability via the ipdoamin parameter in /setting/setDiagnosisCfg. | ||
| CVE-2022-28907 | Cri | 0.64 | 9.8 | 0.02 | May 10, 2022 | TOTOLink N600R V5.3c.7159_B20190425 was discovered to contain a command injection vulnerability via the hosttime function in /setting/NTPSyncWithHost. |
- risk 0.65cvss 9.8epss 0.20
TOTOLINK N600R V4.3.0cu.7570_B20200620 was discovered to contain a command injection vulnerability via the pingCheck function.
- risk 0.64cvss 9.8epss 0.01
Buffer Overflow vulnerability in TOTOLINK N600R v4.3.0cu.7866_B2022506 allows a remote attacker to execute arbitrary code via the UPLOAD_FILENAME component
- risk 0.64cvss 9.8epss 0.00
Totolink N600R v4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the macCloneMac parameter in the setWanConfig function.
- risk 0.64cvss 9.8epss 0.01
TOTOLINK A3700R V9.1.2u.6134_B20201202 and N600R V5.3c.5137 are vulnerable to Incorrect Access Control.
- risk 0.64cvss 9.8epss 0.02
TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the url parameter in the function FUN_00415bf0.
- risk 0.64cvss 9.8epss 0.02
TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the File parameter in the function FUN_0041309c.
- risk 0.64cvss 9.8epss 0.02
TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the comment parameter in the function FUN_004196c8.
- risk 0.64cvss 9.8epss 0.02
TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the comment parameter in the function FUN_00418f10.
- risk 0.64cvss 9.8epss 0.02
TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the apcliKey parameter in the function FUN_0041bac4.
- risk 0.64cvss 9.8epss 0.02
TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the macAddress parameter in the function FUN_0041b448.
- risk 0.64cvss 9.8epss 0.02
TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the comment parameter in the function FUN_004192cc.
- risk 0.64cvss 9.8epss 0.02
TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the comment parameter in the function FUN_00418c24.
- risk 0.64cvss 9.8epss 0.02
TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the comment parameter in the function FUN_004200c8.
- risk 0.64cvss 9.8epss 0.02
TOTOLink N600R V5.3c.7159_B20190425 was discovered to contain a command injection vulnerability via the filename parameter in /setting/setUploadSetting.
- risk 0.64cvss 9.8epss 0.02
TOTOLink N600R V5.3c.7159_B20190425 was discovered to contain a command injection vulnerability via the filename parameter in /setting/setUpgradeFW.
- risk 0.64cvss 9.8epss 0.02
TOTOLink N600R V5.3c.7159_B20190425 was discovered to contain a command injection vulnerability via the filename parameter in /setting/CloudACMunualUpdate.
- risk 0.64cvss 9.8epss 0.02
TOTOLink N600R V5.3c.7159_B20190425 was discovered to contain a command injection vulnerability via the devicename parameter in /setting/setDeviceName.
- risk 0.64cvss 9.8epss 0.02
TOTOLink N600R V5.3c.7159_B20190425 was discovered to contain a command injection vulnerability via the webwlanidx parameter in /setting/setWebWlanIdx.
- risk 0.64cvss 9.8epss 0.02
TOTOLink N600R V5.3c.7159_B20190425 was discovered to contain a command injection vulnerability via the ipdoamin parameter in /setting/setDiagnosisCfg.
- risk 0.64cvss 9.8epss 0.02
TOTOLink N600R V5.3c.7159_B20190425 was discovered to contain a command injection vulnerability via the hosttime function in /setting/NTPSyncWithHost.
Page 1 of 2