VYPR

Vendor CVEs

Totolink

All CVEs

1,201 total · sorted by risk
  • CVE-2023-46993Oct 31, 2023
    risk 0.00cvss epss 0.02

    In TOTOLINK A3300R V17.0.0cu.557_B20221024 when dealing with setLedCfg request, there is no verification for the enable parameter, which can lead to command injection.

  • CVE-2023-46976Oct 31, 2023
    risk 0.00cvss epss 0.02

    TOTOLINK A3300R 17.0.0cu.557_B20221024 contains a command injection via the file_name parameter in the UploadFirmwareFile function.

  • CVE-2023-46978Oct 31, 2023
    risk 0.00cvss epss 0.01

    TOTOLINK X6000R V9.4.0cu.852_B20230719 is vulnerable to Incorrect Access Control.Attackers can reset login password & WIFI passwords without authentication.

  • CVE-2023-46484Oct 31, 2023
    risk 0.00cvss epss 0.01

    An issue in TOTOlink X6000R V9.4.0cu.852_B20230719 allows a remote attacker to execute arbitrary code via the setLedCfg function.

  • CVE-2023-46979Oct 31, 2023
    risk 0.00cvss epss 0.02

    TOTOLINK X6000R V9.4.0cu.852_B20230719 was discovered to contain a command injection vulnerability via the enable parameter in the setLedCfg function.

  • CVE-2023-46510Oct 27, 2023
    risk 0.00cvss epss 0.01

    An issue in ZIONCOM (Hong Kong) Technology Limited A7000R v.4.1cu.4154 allows an attacker to execute arbitrary code via the cig-bin/cstecgi.cgi to the settings/setPasswordCfg function.

  • CVE-2023-46413Oct 25, 2023
    risk 0.00cvss epss 0.01

    TOTOLINK X6000R v9.4.0cu.652_B20230116 was discovered to contain a command execution vulnerability via the sub_4155DC function.

  • CVE-2023-46408Oct 25, 2023
    risk 0.00cvss epss 0.01

    TOTOLINK X6000R v9.4.0cu.652_B20230116 was discovered to contain a command execution vulnerability via the sub_ The 41DD80 function.

  • CVE-2023-46418Oct 25, 2023
    risk 0.00cvss epss 0.02

    TOTOLINK X6000R v9.4.0cu.652_B20230116 was discovered to contain a remote command execution (RCE) vulnerability via the sub_412688 function.

  • CVE-2023-46563Oct 25, 2023
    risk 0.00cvss epss 0.01

    TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formIpQoS.

  • CVE-2023-46416Oct 25, 2023
    risk 0.00cvss epss 0.02

    TOTOLINK X6000R v9.4.0cu.652_B20230116 was discovered to contain a remote command execution (RCE) vulnerability via the sub_ The 41A414 function.

  • CVE-2023-46421Oct 25, 2023
    risk 0.00cvss epss 0.02

    TOTOLINK X6000R v9.4.0cu.652_B20230116 was discovered to contain a remote command execution (RCE) vulnerability via the sub_411D00 function.

  • CVE-2023-46417Oct 25, 2023
    risk 0.00cvss epss 0.02

    TOTOLINK X6000R v9.4.0cu.652_B20230116 was discovered to contain a remote command execution (RCE) vulnerability via the sub_415498 function.

  • CVE-2023-46555Oct 25, 2023
    risk 0.00cvss epss 0.01

    TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formPortFw.

  • CVE-2023-46411Oct 25, 2023
    risk 0.00cvss epss 0.01

    TOTOLINK X6000R v9.4.0cu.652_B20230116 was discovered to contain a command execution vulnerability via the sub_415258 function.

  • CVE-2023-46423Oct 25, 2023
    risk 0.00cvss epss 0.02

    TOTOLINK X6000R v9.4.0cu.652_B20230116 was discovered to contain a remote command execution (RCE) vulnerability via the sub_417094 function.

  • CVE-2023-46540Oct 25, 2023
    risk 0.00cvss epss 0.01

    TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formNtp.

  • CVE-2023-46560Oct 25, 2023
    risk 0.00cvss epss 0.01

    TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formTcpipSetup.

  • CVE-2023-46420Oct 25, 2023
    risk 0.00cvss epss 0.02

    TOTOLINK X6000R v9.4.0cu.652_B20230116 was discovered to contain a remote command execution (RCE) vulnerability via the sub_41590C function.

  • CVE-2023-46553Oct 25, 2023
    risk 0.00cvss epss 0.01

    TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formParentControl.

  • CVE-2023-46543Oct 25, 2023
    risk 0.00cvss epss 0.01

    TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formWlSiteSurvey.

  • CVE-2023-46546Oct 25, 2023
    risk 0.00cvss epss 0.01

    TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formStats.

  • CVE-2023-46562Oct 25, 2023
    risk 0.00cvss epss 0.01

    TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formDosCfg.

  • CVE-2023-46424Oct 25, 2023
    risk 0.00cvss epss 0.02

    TOTOLINK X6000R v9.4.0cu.652_B20230116 was discovered to contain a remote command execution (RCE) vulnerability via the sub_422BD4 function.

  • CVE-2023-46556Oct 25, 2023
    risk 0.00cvss epss 0.01

    TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formFilter.

  • CVE-2023-46544Oct 25, 2023
    risk 0.00cvss epss 0.01

    TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formWirelessTbl.

  • CVE-2023-46552Oct 25, 2023
    risk 0.00cvss epss 0.01

    TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formMultiAP.

  • CVE-2023-46419Oct 25, 2023
    risk 0.00cvss epss 0.02

    TOTOLINK X6000R v9.4.0cu.652_B20230116 was discovered to contain a remote command execution (RCE) vulnerability via the sub_415730 function.

  • CVE-2023-46415Oct 25, 2023
    risk 0.00cvss epss 0.02

    TOTOLINK X6000R v9.4.0cu.652_B20230116 was discovered to contain a remote command execution (RCE) vulnerability via the sub_41E588 function.

  • CVE-2023-46414Oct 25, 2023
    risk 0.00cvss epss 0.02

    TOTOLINK X6000R v9.4.0cu.652_B20230116 was discovered to contain a remote command execution (RCE) vulnerability via the sub_ 41D494 function.

  • CVE-2023-46548Oct 25, 2023
    risk 0.00cvss epss 0.01

    TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formWlanRedirect.

  • CVE-2023-46564Oct 25, 2023
    risk 0.00cvss epss 0.01

    TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formDMZ.

  • CVE-2023-46422Oct 25, 2023
    risk 0.00cvss epss 0.02

    TOTOLINK X6000R v9.4.0cu.652_B20230116 was discovered to contain a remote command execution (RCE) vulnerability via the sub_411994 function.

  • CVE-2023-46547Oct 25, 2023
    risk 0.00cvss epss 0.01

    TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formSysLog.

  • CVE-2023-46550Oct 25, 2023
    risk 0.00cvss epss 0.01

    TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formMapDelDevice.

  • CVE-2023-46545Oct 25, 2023
    risk 0.00cvss epss 0.01

    TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formWsc.

  • CVE-2023-46559Oct 25, 2023
    risk 0.00cvss epss 0.01

    TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formIPv6Addr.

  • CVE-2023-46409Oct 25, 2023
    risk 0.00cvss epss 0.01

    TOTOLINK X6000R v9.4.0cu.652_B20230116 was discovered to contain a command execution vulnerability via the sub_ 41CC04 function.

  • CVE-2023-46412Oct 25, 2023
    risk 0.00cvss epss 0.01

    TOTOLINK X6000R v9.4.0cu.652_B20230116 was discovered to contain a command execution vulnerability via the sub_41D998 function.

  • CVE-2023-46554Oct 25, 2023
    risk 0.00cvss epss 0.01

    TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formMapDel.

  • CVE-2023-46541Oct 25, 2023
    risk 0.00cvss epss 0.01

    TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formIpv6Setup.

  • CVE-2023-46558Oct 25, 2023
    risk 0.00cvss epss 0.01

    TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formMapDelDevice.

  • CVE-2023-46557Oct 25, 2023
    risk 0.00cvss epss 0.01

    TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formMultiAPVLAN.

  • CVE-2023-46542Oct 25, 2023
    risk 0.00cvss epss 0.01

    TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formMeshUploadConfig.

  • CVE-2023-46410Oct 25, 2023
    risk 0.00cvss epss 0.01

    TOTOLINK X6000R v9.4.0cu.652_B20230116 was discovered to contain a command execution vulnerability via the sub_ The 416F60 function.

  • CVE-2023-46551Oct 25, 2023
    risk 0.00cvss epss 0.01

    TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formReflashClientTbl.

  • CVE-2023-46549Oct 25, 2023
    risk 0.00cvss epss 0.01

    TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formSetLg.

  • CVE-2023-36947Oct 16, 2023
    risk 0.00cvss epss 0.01

    TOTOLINK X5000R V9.1.0u.6118_B20201102 and TOTOLINK A7000R V9.1.0u.6115_B20201022 was discovered to contain a stack overflow via the File parameter in the function UploadCustomModule.

  • CVE-2023-36952Oct 16, 2023
    risk 0.00cvss epss 0.01

    TOTOLINK CP300+ V5.2cu.7594_B20200910 was discovered to contain a stack overflow via the pingIp parameter in the function setDiagnosisCfg.

  • CVE-2023-36954Oct 16, 2023
    risk 0.00cvss epss 0.02

    TOTOLINK CP300+ V5.2cu.7594_B20200910 and before is vulnerable to command injection.

Page 20 of 25