Vendor CVEs
Totolink
All CVEs
1,201 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-7154 | 0.00 | — | 0.00 | Jul 28, 2024 | A vulnerability, which was classified as problematic, was found in TOTOLINK A3700R 9.1.2u.5822_B20200513. Affected is an unknown function of the file /wizard.html of the component Password Reset Handler. The manipulation leads to improper access controls. It is possible to… | |||
| CVE-2024-41317 | 0.00 | — | 0.02 | Jul 22, 2024 | TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection vulnerability via the ifname parameter in the apcli_do_enr_pbc_wps function. | |||
| CVE-2024-41315 | 0.00 | — | 0.02 | Jul 22, 2024 | TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection vulnerability via the ifname parameter in the apcli_do_enr_pin_wps function. | |||
| CVE-2024-41316 | 0.00 | — | 0.02 | Jul 22, 2024 | TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection vulnerability via the ifname parameter in the apcli_cancel_wps function. | |||
| CVE-2024-41320 | 0.00 | — | 0.02 | Jul 22, 2024 | TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection vulnerability via the ifname parameter in the get_apcli_conn_info function. | |||
| CVE-2024-41318 | 0.00 | — | 0.02 | Jul 22, 2024 | TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection vulnerability via the ifname parameter in the apcli_wps_gen_pincode function. | |||
| CVE-2024-41314 | 0.00 | — | 0.02 | Jul 22, 2024 | TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection vulnerability via the iface parameter in the vif_disable function. | |||
| CVE-2024-37626 | 0.00 | — | 0.02 | Jun 20, 2024 | A command injection issue in TOTOLINK A6000R V1.0.1-B20201211.2000 firmware allows a remote attacker to execute arbitrary code via the iface parameter in the vif_enable function. | |||
| CVE-2024-37639 | 0.00 | — | 0.01 | Jun 14, 2024 | TOTOLINK A3700R V9.1.2u.6165_20211012 was discovered to contain a stack overflow via eport in the function setIpPortFilterRules. | |||
| CVE-2024-37640 | 0.00 | — | 0.01 | Jun 14, 2024 | TOTOLINK A3700R V9.1.2u.6165_20211012 was discovered to contain a stack overflow via ssid5g in the function setWiFiEasyGuestCfg. | |||
| CVE-2024-37637 | 0.00 | — | 0.01 | Jun 14, 2024 | TOTOLINK A3700R V9.1.2u.6165_20211012 was discovered to contain a stack overflow via ssid5g in the function setWizardCfg. | |||
| CVE-2024-37631 | 0.00 | — | 0.01 | Jun 13, 2024 | TOTOLINK A3700R V9.1.2u.6165_20211012 was discovered to contain a stack overflow via the File parameter in function UploadCustomModule. | |||
| CVE-2024-37635 | 0.00 | — | 0.01 | Jun 13, 2024 | TOTOLINK A3700R V9.1.2u.6165_20211012 was discovered to contain a stack overflow via ssid in the function setWiFiBasicCfg | |||
| CVE-2024-37634 | 0.00 | — | 0.01 | Jun 13, 2024 | TOTOLINK A3700R V9.1.2u.6165_20211012 was discovered to contain a stack overflow via ssid in the function setWiFiEasyCfg. | |||
| CVE-2024-37633 | 0.00 | — | 0.01 | Jun 13, 2024 | TOTOLINK A3700R V9.1.2u.6165_20211012 was discovered to contain a stack overflow via ssid in the function setWiFiGuestCfg | |||
| CVE-2024-37632 | 0.00 | — | 0.01 | Jun 13, 2024 | TOTOLINK A3700R V9.1.2u.6165_20211012 was discovered to contain a stack overflow via the password parameter in function loginAuth . | |||
| CVE-2024-36650 | 0.00 | — | 0.01 | Jun 11, 2024 | TOTOLINK AC1200 Wireless Dual Band Gigabit Router firmware A3100R V4.1.2cu.5247_B20211129, in the cgi function `setNoticeCfg` of the file `/lib/cste_modules/system.so`, the length of the user input string `NoticeUrl` is not checked. This can lead to a buffer overflow, allowing… | |||
| CVE-2024-36782 | 0.00 | — | 0.00 | Jun 3, 2024 | TOTOLINK CP300 V2.0.4-B20201102 was discovered to contain a hardcoded password vulnerability in /etc/shadow.sample, which allows attackers to log in as root. | |||
| CVE-2024-36783 | 0.00 | — | 0.01 | Jun 3, 2024 | TOTOLINK LR350 V9.3.5u.6369_B20220309 was discovered to contain a command injection via the host_time parameter in the NTPSyncWithHost function. | |||
| CVE-2024-35401 | 0.00 | — | 0.01 | May 28, 2024 | TOTOLINK CP900L v4.1.5cu.798_B20221228 was discovered to contain a command injection vulnerability via the FileName parameter in the UploadFirmwareFile function. | |||
| CVE-2024-35403 | 0.00 | — | 0.00 | May 28, 2024 | TOTOLINK CP900L v4.1.5cu.798_B20221228 was discovered to contain a stack overflow via the desc parameter in the function setIpPortFilterRules | |||
| CVE-2024-35400 | 0.00 | — | 0.01 | May 28, 2024 | TOTOLINK CP900L v4.1.5cu.798_B20221228 was discovered to contain a stack overflow via the desc parameter in the function SetPortForwardRules | |||
| CVE-2024-35399 | 0.00 | — | 0.00 | May 28, 2024 | TOTOLINK CP900L v4.1.5cu.798_B20221228 was discovered to contain a stack overflow via the password parameter in the function loginAuth | |||
| CVE-2024-35398 | 0.00 | — | 0.01 | May 28, 2024 | TOTOLINK CP900L v4.1.5cu.798_B20221228 was discovered to contain a stack overflow via the desc parameter in the function setMacFilterRules. | |||
| CVE-2024-35397 | 0.00 | — | 0.19 | May 28, 2024 | TOTOLINK CP900L v4.1.5cu.798_B20221228 weas discovered to contain a command injection vulnerability in the NTPSyncWithHost function via the hostTime parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request. | |||
| CVE-2024-35388 | 0.00 | — | 0.03 | May 24, 2024 | TOTOLINK NR1800X v9.1.0u.6681_B20230703 was discovered to contain a stack overflow via the password parameter in the function urldecode | |||
| CVE-2024-35395 | 0.00 | — | 0.00 | May 24, 2024 | TOTOLINK CP900L v4.1.5cu.798_B20221228 was discovered to contain a hardcoded password vulnerability in /etc/shadow.sample, which allows attackers to log in as root. | |||
| CVE-2024-35396 | 0.00 | — | 0.01 | May 24, 2024 | TOTOLINK CP900L v4.1.5cu.798_B20221228 was discovered to contain a hardcoded password for telnet in /web_cste/cgi-bin/product.ini, which allows attackers to log in as root. | |||
| CVE-2024-32355 | 0.00 | — | 0.02 | May 14, 2024 | TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain a command injection vulnerability via the 'password' parameter in the setSSServer function. | |||
| CVE-2024-32354 | 0.00 | — | 0.01 | May 14, 2024 | TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain a command injection vulnerability via the 'timeout' parameter in the setSSServer function at /cgi-bin/cstecgi.cgi. | |||
| CVE-2024-32353 | 0.00 | — | 0.02 | May 14, 2024 | TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain a command injection vulnerability via the 'port' parameter in the setSSServer function at /cgi-bin/cstecgi.cgi. | |||
| CVE-2024-32352 | 0.00 | — | 0.02 | May 14, 2024 | TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain an authenticated remote command execution (RCE) vulnerability via the "ipsecL2tpEnable" parameter in the "cstecgi.cgi" binary. | |||
| CVE-2024-32351 | 0.00 | — | 0.02 | May 14, 2024 | TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain an authenticated remote command execution (RCE) vulnerability via the "mru" parameter in the "cstecgi.cgi" binary. | |||
| CVE-2024-32350 | 0.00 | — | 0.02 | May 14, 2024 | TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain an authenticated remote command execution (RCE) vulnerability via the "ipsecPsk" parameter in the "cstecgi.cgi" binary. | |||
| CVE-2024-32349 | 0.00 | — | 0.01 | May 14, 2024 | TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain an authenticated remote command execution (RCE) vulnerability via the "mtu" parameters in the "cstecgi.cgi" binary. | |||
| CVE-2024-31810 | 0.00 | — | 0.01 | May 13, 2024 | TOTOLINK EX200 V4.0.3c.7646_B20201211 was discovered to contain a hardcoded password for root at /etc/shadow.sample. | |||
| CVE-2024-33433 | 0.00 | — | 0.01 | May 13, 2024 | Cross Site Scripting vulnerability in TOTOLINK X2000R before v1.0.0-B20231213.1013 allows a remote attacker to execute arbitrary code via the Guest Access Control parameter in the Wireless Page. | |||
| CVE-2024-35099 | 0.00 | — | 0.01 | May 13, 2024 | TOTOLINK LR350 V9.3.5u.6698_B20230810 was discovered to contain a stack overflow via the password parameter in the function loginAuth. | |||
| CVE-2024-34209 | 0.00 | — | 0.01 | May 9, 2024 | TOTOLINK CP450 v4.1.0cu.747_B20191224 was discovered to contain a stack buffer overflow vulnerability in the setIpPortFilterRules function. | |||
| CVE-2024-34213 | 0.00 | — | 0.01 | May 9, 2024 | TOTOLINK CP450 v4.1.0cu.747_B20191224 was discovered to contain a stack buffer overflow vulnerability in the SetPortForwardRules function. | |||
| CVE-2024-34200 | 0.00 | — | 0.01 | May 9, 2024 | TOTOLINK CPE CP450 v4.1.0cu.747_B20191224 was discovered to contain a stack buffer overflow vulnerability in the setIpQosRules function. | |||
| CVE-2024-34201 | 0.00 | — | 0.01 | May 9, 2024 | TOTOLINK CP450 v4.1.0cu.747_B20191224 was discovered to contain a stack buffer overflow vulnerability in the getSaveConfig function. | |||
| CVE-2024-34202 | 0.00 | — | 0.01 | May 9, 2024 | TOTOLINK CP450 v4.1.0cu.747_B20191224 was discovered to contain a stack buffer overflow vulnerability in the setMacFilterRules function. | |||
| CVE-2024-34203 | 0.00 | — | 0.01 | May 9, 2024 | TOTOLINK CP450 v4.1.0cu.747_B20191224 was discovered to contain a stack buffer overflow vulnerability in the setLanguageCfg function. | |||
| CVE-2024-34204 | 0.00 | — | 0.02 | May 9, 2024 | TOTOLINK outdoor CPE CP450 v4.1.0cu.747_B20191224 was discovered to contain a command injection vulnerability in the setUpgradeFW function via the FileName parameter. | |||
| CVE-2024-34205 | 0.00 | — | 0.01 | May 9, 2024 | TOTOLINK CP450 v4.1.0cu.747_B20191224 was discovered to contain a command injection vulnerability in the download_firmware function. | |||
| CVE-2024-34206 | 0.00 | — | 0.01 | May 9, 2024 | TOTOLINK outdoor CPE CP450 v4.1.0cu.747_B20191224 was discovered to contain a command injection vulnerability in the setWebWlanIdx function via the webWlanIdx parameter. | |||
| CVE-2024-34207 | 0.00 | — | 0.01 | May 9, 2024 | TOTOLINK CP450 v4.1.0cu.747_B20191224 was discovered to contain a stack buffer overflow vulnerability in the setStaticDhcpConfig function. | |||
| CVE-2024-34217 | 0.00 | — | 0.01 | May 9, 2024 | TOTOLINK CP450 v4.1.0cu.747_B20191224 was discovered to contain a stack buffer overflow vulnerability in the addWlProfileClientMode function. | |||
| CVE-2024-34215 | 0.00 | — | 0.01 | May 9, 2024 | TOTOLINK CP450 v4.1.0cu.747_B20191224 was discovered to contain a stack buffer overflow vulnerability in the setUrlFilterRules function. |
- CVE-2024-7154Jul 28, 2024risk 0.00cvss —epss 0.00
A vulnerability, which was classified as problematic, was found in TOTOLINK A3700R 9.1.2u.5822_B20200513. Affected is an unknown function of the file /wizard.html of the component Password Reset Handler. The manipulation leads to improper access controls. It is possible to…
- CVE-2024-41317Jul 22, 2024risk 0.00cvss —epss 0.02
TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection vulnerability via the ifname parameter in the apcli_do_enr_pbc_wps function.
- CVE-2024-41315Jul 22, 2024risk 0.00cvss —epss 0.02
TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection vulnerability via the ifname parameter in the apcli_do_enr_pin_wps function.
- CVE-2024-41316Jul 22, 2024risk 0.00cvss —epss 0.02
TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection vulnerability via the ifname parameter in the apcli_cancel_wps function.
- CVE-2024-41320Jul 22, 2024risk 0.00cvss —epss 0.02
TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection vulnerability via the ifname parameter in the get_apcli_conn_info function.
- CVE-2024-41318Jul 22, 2024risk 0.00cvss —epss 0.02
TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection vulnerability via the ifname parameter in the apcli_wps_gen_pincode function.
- CVE-2024-41314Jul 22, 2024risk 0.00cvss —epss 0.02
TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection vulnerability via the iface parameter in the vif_disable function.
- CVE-2024-37626Jun 20, 2024risk 0.00cvss —epss 0.02
A command injection issue in TOTOLINK A6000R V1.0.1-B20201211.2000 firmware allows a remote attacker to execute arbitrary code via the iface parameter in the vif_enable function.
- CVE-2024-37639Jun 14, 2024risk 0.00cvss —epss 0.01
TOTOLINK A3700R V9.1.2u.6165_20211012 was discovered to contain a stack overflow via eport in the function setIpPortFilterRules.
- CVE-2024-37640Jun 14, 2024risk 0.00cvss —epss 0.01
TOTOLINK A3700R V9.1.2u.6165_20211012 was discovered to contain a stack overflow via ssid5g in the function setWiFiEasyGuestCfg.
- CVE-2024-37637Jun 14, 2024risk 0.00cvss —epss 0.01
TOTOLINK A3700R V9.1.2u.6165_20211012 was discovered to contain a stack overflow via ssid5g in the function setWizardCfg.
- CVE-2024-37631Jun 13, 2024risk 0.00cvss —epss 0.01
TOTOLINK A3700R V9.1.2u.6165_20211012 was discovered to contain a stack overflow via the File parameter in function UploadCustomModule.
- CVE-2024-37635Jun 13, 2024risk 0.00cvss —epss 0.01
TOTOLINK A3700R V9.1.2u.6165_20211012 was discovered to contain a stack overflow via ssid in the function setWiFiBasicCfg
- CVE-2024-37634Jun 13, 2024risk 0.00cvss —epss 0.01
TOTOLINK A3700R V9.1.2u.6165_20211012 was discovered to contain a stack overflow via ssid in the function setWiFiEasyCfg.
- CVE-2024-37633Jun 13, 2024risk 0.00cvss —epss 0.01
TOTOLINK A3700R V9.1.2u.6165_20211012 was discovered to contain a stack overflow via ssid in the function setWiFiGuestCfg
- CVE-2024-37632Jun 13, 2024risk 0.00cvss —epss 0.01
TOTOLINK A3700R V9.1.2u.6165_20211012 was discovered to contain a stack overflow via the password parameter in function loginAuth .
- CVE-2024-36650Jun 11, 2024risk 0.00cvss —epss 0.01
TOTOLINK AC1200 Wireless Dual Band Gigabit Router firmware A3100R V4.1.2cu.5247_B20211129, in the cgi function `setNoticeCfg` of the file `/lib/cste_modules/system.so`, the length of the user input string `NoticeUrl` is not checked. This can lead to a buffer overflow, allowing…
- CVE-2024-36782Jun 3, 2024risk 0.00cvss —epss 0.00
TOTOLINK CP300 V2.0.4-B20201102 was discovered to contain a hardcoded password vulnerability in /etc/shadow.sample, which allows attackers to log in as root.
- CVE-2024-36783Jun 3, 2024risk 0.00cvss —epss 0.01
TOTOLINK LR350 V9.3.5u.6369_B20220309 was discovered to contain a command injection via the host_time parameter in the NTPSyncWithHost function.
- CVE-2024-35401May 28, 2024risk 0.00cvss —epss 0.01
TOTOLINK CP900L v4.1.5cu.798_B20221228 was discovered to contain a command injection vulnerability via the FileName parameter in the UploadFirmwareFile function.
- CVE-2024-35403May 28, 2024risk 0.00cvss —epss 0.00
TOTOLINK CP900L v4.1.5cu.798_B20221228 was discovered to contain a stack overflow via the desc parameter in the function setIpPortFilterRules
- CVE-2024-35400May 28, 2024risk 0.00cvss —epss 0.01
TOTOLINK CP900L v4.1.5cu.798_B20221228 was discovered to contain a stack overflow via the desc parameter in the function SetPortForwardRules
- CVE-2024-35399May 28, 2024risk 0.00cvss —epss 0.00
TOTOLINK CP900L v4.1.5cu.798_B20221228 was discovered to contain a stack overflow via the password parameter in the function loginAuth
- CVE-2024-35398May 28, 2024risk 0.00cvss —epss 0.01
TOTOLINK CP900L v4.1.5cu.798_B20221228 was discovered to contain a stack overflow via the desc parameter in the function setMacFilterRules.
- CVE-2024-35397May 28, 2024risk 0.00cvss —epss 0.19
TOTOLINK CP900L v4.1.5cu.798_B20221228 weas discovered to contain a command injection vulnerability in the NTPSyncWithHost function via the hostTime parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request.
- CVE-2024-35388May 24, 2024risk 0.00cvss —epss 0.03
TOTOLINK NR1800X v9.1.0u.6681_B20230703 was discovered to contain a stack overflow via the password parameter in the function urldecode
- CVE-2024-35395May 24, 2024risk 0.00cvss —epss 0.00
TOTOLINK CP900L v4.1.5cu.798_B20221228 was discovered to contain a hardcoded password vulnerability in /etc/shadow.sample, which allows attackers to log in as root.
- CVE-2024-35396May 24, 2024risk 0.00cvss —epss 0.01
TOTOLINK CP900L v4.1.5cu.798_B20221228 was discovered to contain a hardcoded password for telnet in /web_cste/cgi-bin/product.ini, which allows attackers to log in as root.
- CVE-2024-32355May 14, 2024risk 0.00cvss —epss 0.02
TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain a command injection vulnerability via the 'password' parameter in the setSSServer function.
- CVE-2024-32354May 14, 2024risk 0.00cvss —epss 0.01
TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain a command injection vulnerability via the 'timeout' parameter in the setSSServer function at /cgi-bin/cstecgi.cgi.
- CVE-2024-32353May 14, 2024risk 0.00cvss —epss 0.02
TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain a command injection vulnerability via the 'port' parameter in the setSSServer function at /cgi-bin/cstecgi.cgi.
- CVE-2024-32352May 14, 2024risk 0.00cvss —epss 0.02
TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain an authenticated remote command execution (RCE) vulnerability via the "ipsecL2tpEnable" parameter in the "cstecgi.cgi" binary.
- CVE-2024-32351May 14, 2024risk 0.00cvss —epss 0.02
TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain an authenticated remote command execution (RCE) vulnerability via the "mru" parameter in the "cstecgi.cgi" binary.
- CVE-2024-32350May 14, 2024risk 0.00cvss —epss 0.02
TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain an authenticated remote command execution (RCE) vulnerability via the "ipsecPsk" parameter in the "cstecgi.cgi" binary.
- CVE-2024-32349May 14, 2024risk 0.00cvss —epss 0.01
TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain an authenticated remote command execution (RCE) vulnerability via the "mtu" parameters in the "cstecgi.cgi" binary.
- CVE-2024-31810May 13, 2024risk 0.00cvss —epss 0.01
TOTOLINK EX200 V4.0.3c.7646_B20201211 was discovered to contain a hardcoded password for root at /etc/shadow.sample.
- CVE-2024-33433May 13, 2024risk 0.00cvss —epss 0.01
Cross Site Scripting vulnerability in TOTOLINK X2000R before v1.0.0-B20231213.1013 allows a remote attacker to execute arbitrary code via the Guest Access Control parameter in the Wireless Page.
- CVE-2024-35099May 13, 2024risk 0.00cvss —epss 0.01
TOTOLINK LR350 V9.3.5u.6698_B20230810 was discovered to contain a stack overflow via the password parameter in the function loginAuth.
- CVE-2024-34209May 9, 2024risk 0.00cvss —epss 0.01
TOTOLINK CP450 v4.1.0cu.747_B20191224 was discovered to contain a stack buffer overflow vulnerability in the setIpPortFilterRules function.
- CVE-2024-34213May 9, 2024risk 0.00cvss —epss 0.01
TOTOLINK CP450 v4.1.0cu.747_B20191224 was discovered to contain a stack buffer overflow vulnerability in the SetPortForwardRules function.
- CVE-2024-34200May 9, 2024risk 0.00cvss —epss 0.01
TOTOLINK CPE CP450 v4.1.0cu.747_B20191224 was discovered to contain a stack buffer overflow vulnerability in the setIpQosRules function.
- CVE-2024-34201May 9, 2024risk 0.00cvss —epss 0.01
TOTOLINK CP450 v4.1.0cu.747_B20191224 was discovered to contain a stack buffer overflow vulnerability in the getSaveConfig function.
- CVE-2024-34202May 9, 2024risk 0.00cvss —epss 0.01
TOTOLINK CP450 v4.1.0cu.747_B20191224 was discovered to contain a stack buffer overflow vulnerability in the setMacFilterRules function.
- CVE-2024-34203May 9, 2024risk 0.00cvss —epss 0.01
TOTOLINK CP450 v4.1.0cu.747_B20191224 was discovered to contain a stack buffer overflow vulnerability in the setLanguageCfg function.
- CVE-2024-34204May 9, 2024risk 0.00cvss —epss 0.02
TOTOLINK outdoor CPE CP450 v4.1.0cu.747_B20191224 was discovered to contain a command injection vulnerability in the setUpgradeFW function via the FileName parameter.
- CVE-2024-34205May 9, 2024risk 0.00cvss —epss 0.01
TOTOLINK CP450 v4.1.0cu.747_B20191224 was discovered to contain a command injection vulnerability in the download_firmware function.
- CVE-2024-34206May 9, 2024risk 0.00cvss —epss 0.01
TOTOLINK outdoor CPE CP450 v4.1.0cu.747_B20191224 was discovered to contain a command injection vulnerability in the setWebWlanIdx function via the webWlanIdx parameter.
- CVE-2024-34207May 9, 2024risk 0.00cvss —epss 0.01
TOTOLINK CP450 v4.1.0cu.747_B20191224 was discovered to contain a stack buffer overflow vulnerability in the setStaticDhcpConfig function.
- CVE-2024-34217May 9, 2024risk 0.00cvss —epss 0.01
TOTOLINK CP450 v4.1.0cu.747_B20191224 was discovered to contain a stack buffer overflow vulnerability in the addWlProfileClientMode function.
- CVE-2024-34215May 9, 2024risk 0.00cvss —epss 0.01
TOTOLINK CP450 v4.1.0cu.747_B20191224 was discovered to contain a stack buffer overflow vulnerability in the setUrlFilterRules function.
Page 16 of 25