VYPR

Vendor CVEs

Totolink

All CVEs

1,201 total · sorted by risk
  • CVE-2024-0998Jan 29, 2024
    risk 0.00cvss epss 0.01

    A vulnerability was found in Totolink N200RE 9.3.5u.6139_B20201216. It has been classified as critical. This affects the function setDiagnosisCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument ip leads to stack-based buffer overflow. It is possible to…

  • CVE-2024-0997Jan 29, 2024
    risk 0.00cvss epss 0.01

    A vulnerability was found in Totolink N200RE 9.3.5u.6139_B20201216 and classified as critical. Affected by this issue is the function setOpModeCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument pppoeUser leads to stack-based buffer overflow. The attack may be…

  • CVE-2024-0944Jan 26, 2024
    risk 0.00cvss epss 0.02

    A vulnerability was found in Totolink T8 4.1.5cu.833_20220905. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /cgi-bin/cstecgi.cgi. The manipulation leads to session expiration. The attack may be launched remotely. The…

  • CVE-2024-0943Jan 26, 2024
    risk 0.00cvss epss 0.01

    A vulnerability was found in Totolink N350RT 9.3.5u.6255. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /cgi-bin/cstecgi.cgi. The manipulation leads to session expiration. The attack can be launched remotely. The…

  • CVE-2024-0942Jan 26, 2024
    risk 0.00cvss epss 0.01

    A vulnerability was found in Totolink N200RE V5 9.3.5u.6255_B20211224. It has been classified as problematic. Affected is an unknown function of the file /cgi-bin/cstecgi.cgi. The manipulation leads to session expiration. It is possible to launch the attack remotely. The…

  • CVE-2024-22529Jan 25, 2024
    risk 0.00cvss epss 0.02

    TOTOLINK X2000R_V2 V2.0.0-B20230727.10434 has a command injection vulnerability in the sub_449040 (handle function of formUploadFile) of /bin/boa.

  • CVE-2023-52040Jan 24, 2024
    risk 0.00cvss epss 0.01

    An issue discovered in TOTOLINK X6000R v9.4.0cu.852_B20230719 allows attackers to run arbitrary commands via the sub_41284C function.

  • CVE-2023-52038Jan 24, 2024
    risk 0.00cvss epss 0.01

    An issue discovered in TOTOLINK X6000R v9.4.0cu.852_B20230719 allows attackers to run arbitrary commands via the sub_415C80 function.

  • CVE-2023-52039Jan 24, 2024
    risk 0.00cvss epss 0.01

    An issue discovered in TOTOLINK X6000R v9.4.0cu.852_B20230719 allows attackers to run arbitrary commands via the sub_415AA4 function.

  • CVE-2024-22662Jan 23, 2024
    risk 0.00cvss epss 0.01

    TOTOLINK A3700R_V9.1.2u.6165_20211012 has a stack overflow vulnerability via setParentalRules

  • CVE-2024-22663Jan 23, 2024
    risk 0.00cvss epss 0.02

    TOTOLINK_A3700R_V9.1.2u.6165_20211012has a command Injection vulnerability via setOpModeCfg

  • CVE-2024-22660Jan 23, 2024
    risk 0.00cvss epss 0.01

    TOTOLINK_A3700R_V9.1.2u.6165_20211012has a stack overflow vulnerability via setLanguageCfg

  • CVE-2024-0579Jan 16, 2024
    risk 0.00cvss epss 0.03

    A vulnerability classified as critical was found in Totolink X2000R 1.0.0-B20221212.1452. Affected by this vulnerability is the function formMapDelDevice of the file /boafrm/formMapDelDevice. The manipulation of the argument macstr leads to command injection. The attack can be…

  • CVE-2024-0578Jan 16, 2024
    risk 0.00cvss epss 0.01

    A vulnerability classified as critical has been found in Totolink LR1200GB 9.1.0u.6619_B20230130. Affected is the function UploadCustomModule of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument File leads to stack-based buffer overflow. It is possible to launch…

  • CVE-2024-0577Jan 16, 2024
    risk 0.00cvss epss 0.01

    A vulnerability was found in Totolink LR1200GB 9.1.0u.6619_B20230130. It has been rated as critical. This issue affects the function setLanguageCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument lang leads to stack-based buffer overflow. The attack may be…

  • CVE-2024-0576Jan 16, 2024
    risk 0.00cvss epss 0.01

    A vulnerability was found in Totolink LR1200GB 9.1.0u.6619_B20230130. It has been declared as critical. This vulnerability affects the function setIpPortFilterRules of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument sPort leads to stack-based buffer overflow. The…

  • CVE-2024-0575Jan 16, 2024
    risk 0.00cvss epss 0.01

    A vulnerability was found in Totolink LR1200GB 9.1.0u.6619_B20230130. It has been classified as critical. This affects the function setTracerouteCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument command leads to stack-based buffer overflow. It is possible to…

  • CVE-2024-0574Jan 16, 2024
    risk 0.00cvss epss 0.01

    A vulnerability was found in Totolink LR1200GB 9.1.0u.6619_B20230130 and classified as critical. Affected by this issue is the function setParentalRules of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument sTime leads to stack-based buffer overflow. The attack may…

  • CVE-2024-0573Jan 16, 2024
    risk 0.00cvss epss 0.01

    A vulnerability has been found in Totolink LR1200GB 9.1.0u.6619_B20230130 and classified as critical. Affected by this vulnerability is the function setDiagnosisCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument ip leads to stack-based buffer overflow. The…

  • CVE-2024-0572Jan 16, 2024
    risk 0.00cvss epss 0.01

    A vulnerability, which was classified as critical, was found in Totolink LR1200GB 9.1.0u.6619_B20230130. Affected is the function setOpModeCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument pppoeUser leads to stack-based buffer overflow. It is possible to…

  • CVE-2024-0571Jan 16, 2024
    risk 0.00cvss epss 0.01

    A vulnerability, which was classified as critical, has been found in Totolink LR1200GB 9.1.0u.6619_B20230130. This issue affects the function setSmsCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument text leads to stack-based buffer overflow. The attack may be…

  • CVE-2024-0570Jan 16, 2024
    risk 0.00cvss epss 0.01

    A vulnerability classified as critical was found in Totolink N350RT 9.3.5u.6265. This vulnerability affects unknown code of the file /cgi-bin/cstecgi.cgi of the component Setting Handler. The manipulation leads to improper access controls. The attack can be initiated remotely.…

  • CVE-2024-0569Jan 16, 2024
    risk 0.00cvss epss 0.01

    A vulnerability classified as problematic has been found in Totolink T8 4.1.5cu.833_20220905. This affects the function getSysStatusCfg of the file /cgi-bin/cstecgi.cgi of the component Setting Handler. The manipulation of the argument ssid/key leads to information disclosure.…

  • CVE-2023-52042Jan 16, 2024
    risk 0.00cvss epss 0.01

    An issue discovered in sub_4117F8 function in TOTOLINK X6000R V9.4.0cu.852_B20230719 allows attackers to run arbitrary commands via the 'lang' parameter.

  • CVE-2023-52041Jan 16, 2024
    risk 0.00cvss epss 0.01

    An issue discovered in TOTOLINK X6000R V9.4.0cu.852_B20230719 allows attackers to run arbitrary code via the sub_410118 function of the shttpd program.

  • CVE-2023-52026Jan 12, 2024
    risk 0.00cvss epss 0.02

    TOTOlink EX1800T V9.1.0cu.2112_B20220316 was discovered to contain a remote command execution (RCE) vulnerability via the telnet_enabled parameter of the setTelnetCfg interface

  • CVE-2024-23060Jan 11, 2024
    risk 0.00cvss epss 0.02

    TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection vulnerability via the ip parameter in the setDmzCfg function.

  • CVE-2024-23059Jan 11, 2024
    risk 0.00cvss epss 0.02

    TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection vulnerability via the username parameter in the setDdnsCfg function.

  • CVE-2024-23057Jan 11, 2024
    risk 0.00cvss epss 0.02

    TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection vulnerability via the tz parameter in the setNtpCfg function.

  • CVE-2024-22942Jan 11, 2024
    risk 0.00cvss epss 0.02

    TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection vulnerability via the hostName parameter in the setWanCfg function.

  • CVE-2024-23058Jan 11, 2024
    risk 0.00cvss epss 0.02

    TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection vulnerability via the pass parameter in the setTr069Cfg function.

  • CVE-2024-23061Jan 11, 2024
    risk 0.00cvss epss 0.02

    TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection vulnerability via the minute parameter in the setScheduleCfg function.

  • CVE-2022-46025Jan 10, 2024
    risk 0.00cvss epss 0.01

    Totolink N200RE_V5 V9.3.5u.6255_B20211224 is vulnerable to Incorrect Access Control. The device allows remote attackers to obtain Wi-Fi system information, such as Wi-Fi SSID and Wi-Fi password, without logging into the management page.

  • CVE-2023-7222Jan 9, 2024
    risk 0.00cvss epss 0.01

    A vulnerability was found in Totolink X2000R 1.0.0-B20221212.1452. It has been declared as critical. This vulnerability affects the function formTmultiAP of the file /bin/boa of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer…

  • CVE-2023-7220Jan 9, 2024
    risk 0.00cvss epss 0.01

    A vulnerability was found in Totolink NR1800X 9.1.0u.6279_B20210910 and classified as critical. Affected by this issue is the function loginAuth of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument password leads to stack-based buffer overflow. The attack may be…

  • CVE-2023-7219Jan 9, 2024
    risk 0.00cvss epss 0.01

    A vulnerability has been found in Totolink N350RT 9.3.5u.6139_B202012 and classified as critical. Affected by this vulnerability is the function loginAuth of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument http_host leads to stack-based buffer overflow. The…

  • CVE-2023-7218Jan 8, 2024
    risk 0.00cvss epss 0.01

    A vulnerability, which was classified as critical, was found in Totolink N350RT 9.3.5u.6139_B202012. Affected is the function loginAuth of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument password leads to stack-based buffer overflow. It is possible to launch the…

  • CVE-2024-0299Jan 8, 2024
    risk 0.00cvss epss 0.04

    A vulnerability was found in Totolink N200RE 9.3.5u.6139_B20201216. It has been declared as critical. Affected by this vulnerability is the function setTracerouteCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument command leads to os command injection. The…

  • CVE-2024-0298Jan 8, 2024
    risk 0.00cvss epss 0.04

    A vulnerability was found in Totolink N200RE 9.3.5u.6139_B20201216. It has been classified as critical. Affected is the function setDiagnosisCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument ip leads to os command injection. It is possible to launch the…

  • CVE-2024-0297Jan 8, 2024
    risk 0.00cvss epss 0.04

    A vulnerability was found in Totolink N200RE 9.3.5u.6139_B20201216 and classified as critical. This issue affects the function UploadFirmwareFile of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument FileName leads to os command injection. The attack may be…

  • CVE-2024-0296Jan 8, 2024
    risk 0.00cvss epss 0.04

    A vulnerability has been found in Totolink N200RE 9.3.5u.6139_B20201216 and classified as critical. This vulnerability affects the function NTPSyncWithHost of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument host_time leads to os command injection. The attack can…

  • CVE-2024-0295Jan 8, 2024
    risk 0.00cvss epss 0.04

    A vulnerability, which was classified as critical, was found in Totolink LR1200GB 9.1.0u.6619_B20230130. This affects the function setWanCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument hostName leads to os command injection. It is possible to initiate the…

  • CVE-2024-0294Jan 8, 2024
    risk 0.00cvss epss 0.04

    A vulnerability, which was classified as critical, has been found in Totolink LR1200GB 9.1.0u.6619_B20230130. Affected by this issue is the function setUssd of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument ussd leads to os command injection. The attack may be…

  • CVE-2024-0293Jan 8, 2024
    risk 0.00cvss epss 0.05

    A vulnerability classified as critical was found in Totolink LR1200GB 9.1.0u.6619_B20230130. Affected by this vulnerability is the function setUploadSetting of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument FileName leads to os command injection. The attack can…

  • CVE-2024-0292Jan 8, 2024
    risk 0.00cvss epss 0.05

    A vulnerability classified as critical has been found in Totolink LR1200GB 9.1.0u.6619_B20230130. Affected is the function setOpModeCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument hostName leads to os command injection. It is possible to launch the attack…

  • CVE-2024-0291Jan 8, 2024
    risk 0.00cvss epss 0.04

    A vulnerability was found in Totolink LR1200GB 9.1.0u.6619_B20230130. It has been rated as critical. This issue affects the function UploadFirmwareFile of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument FileName leads to command injection. The attack may be…

  • CVE-2023-7214Jan 7, 2024
    risk 0.00cvss epss 0.01

    A vulnerability, which was classified as critical, has been found in Totolink N350RT 9.3.5u.6139_B20201216. Affected by this issue is the function main of the file /cgi-bin/cstecgi.cgi?action=login of the component HTTP POST Request Handler. The manipulation of the argument v8…

  • CVE-2023-7213Jan 7, 2024
    risk 0.00cvss epss 0.01

    A vulnerability classified as critical was found in Totolink N350RT 9.3.5u.6139_B20201216. Affected by this vulnerability is the function main of the file /cgi-bin/cstecgi.cgi?action=login&flag=1 of the component HTTP POST Request Handler. The manipulation of the argument v33…

  • CVE-2023-7208Jan 7, 2024
    risk 0.00cvss epss 0.02

    A vulnerability classified as critical was found in Totolink X2000R_V2 2.0.0-B20230727.10434. This vulnerability affects the function formTmultiAP of the file /bin/boa. The manipulation leads to buffer overflow. VDB-249742 is the identifier assigned to this vulnerability. NOTE:…

  • CVE-2023-7187Dec 31, 2023
    risk 0.00cvss epss 0.01

    A vulnerability was found in Totolink N350RT 9.3.5u.6139_B20201216. It has been rated as critical. This issue affects some unknown processing of the file /cgi-bin/cstecgi.cgi?action=login&flag=ie8 of the component HTTP POST Request Handler. The manipulation leads to stack-based…

Page 18 of 25