Vendor CVEs
Totolink
All CVEs
1,201 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2022-37076 | 0.00 | — | 0.01 | Aug 25, 2022 | TOTOLINK A7000R V9.1.0u.6115_B20201022 was discovered to contain a command injection vulnerability via the FileName parameter in the function UploadFirmwareFile. | |||
| CVE-2022-37075 | 0.00 | — | 0.00 | Aug 25, 2022 | TOTOLink A7000R V9.1.0u.6115_B20201022 was discovered to contain a stack overflow via the ip parameter in the function setDiagnosisCfg. | |||
| CVE-2022-36488 | 0.00 | — | 0.00 | Aug 25, 2022 | TOTOLINK N350RT V9.3.5u.6139_B20201216 was discovered to contain a stack overflow via the sPort parameter in the function setIpPortFilterRules. | |||
| CVE-2022-36487 | 0.00 | — | 0.01 | Aug 25, 2022 | TOTOLINK N350RT V9.3.5u.6139_B20201216 was discovered to contain a command injection vulnerability via the command parameter in the function setTracerouteCfg. | |||
| CVE-2022-36485 | 0.00 | — | 0.01 | Aug 25, 2022 | TOTOLINK N350RT V9.3.5u.6139_B20201216 was discovered to contain a command injection vulnerability via the hostName parameter in the function setOpModeCfg. | |||
| CVE-2022-36486 | 0.00 | — | 0.01 | Aug 25, 2022 | TOTOLINK N350RT V9.3.5u.6139_B20201216 was discovered to contain a command injection vulnerability via the FileName parameter in the function UploadFirmwareFile. | |||
| CVE-2022-36484 | 0.00 | — | 0.00 | Aug 25, 2022 | TOTOLINK N350RT V9.3.5u.6139_B20201216 was discovered to contain a stack overflow via the function setDiagnosisCfg. | |||
| CVE-2022-36483 | 0.00 | — | 0.00 | Aug 25, 2022 | TOTOLINK N350RT V9.3.5u.6139_B20201216 was discovered to contain a stack overflow via the pppoeUser parameter. | |||
| CVE-2022-36482 | 0.00 | — | 0.01 | Aug 25, 2022 | TOTOLINK N350RT V9.3.5u.6139_B20201216 was discovered to contain a command injection vulnerability via the lang parameter in the function setLanguageCfg. | |||
| CVE-2022-36481 | 0.00 | — | 0.01 | Aug 25, 2022 | TOTOLINK N350RT V9.3.5u.6139_B20201216 was discovered to contain a command injection vulnerability via the ip parameter in the function setDiagnosisCfg. | |||
| CVE-2022-36480 | 0.00 | — | 0.00 | Aug 25, 2022 | TOTOLINK N350RT V9.3.5u.6139_B20201216 was discovered to contain a stack overflow via the command parameter in the function setTracerouteCfg. | |||
| CVE-2022-36479 | 0.00 | — | 0.01 | Aug 25, 2022 | TOTOLINK N350RT V9.3.5u.6139_B20201216 was discovered to contain a command injection vulnerability via the host_time parameter in the function NTPSyncWithHost. | |||
| CVE-2022-36466 | 0.00 | — | 0.00 | Aug 25, 2022 | TOTOLINK A3700R V9.1.2u.6134_B20201202 was discovered to contain a stack overflow via the ip parameter in the function setDiagnosisCfg. | |||
| CVE-2022-36465 | 0.00 | — | 0.00 | Aug 25, 2022 | TOTOLINK A3700R V9.1.2u.6134_B20201202 was discovered to contain a stack overflow via the pppoeUser parameter. | |||
| CVE-2022-36464 | 0.00 | — | 0.00 | Aug 25, 2022 | TOTOLINK A3700R V9.1.2u.6134_B20201202 was discovered to contain a stack overflow via the sPort parameter in the function setIpPortFilterRules. | |||
| CVE-2022-36463 | 0.00 | — | 0.00 | Aug 25, 2022 | TOTOLINK A3700R V9.1.2u.6134_B20201202 was discovered to contain a stack overflow via the command parameter in the function setTracerouteCfg. | |||
| CVE-2022-36462 | 0.00 | — | 0.00 | Aug 25, 2022 | TOTOLINK A3700R V9.1.2u.6134_B20201202 was discovered to contain a stack overflow via the lang parameter in the function setLanguageCfg. | |||
| CVE-2022-36461 | 0.00 | — | 0.01 | Aug 25, 2022 | TOTOLINK A3700R V9.1.2u.6134_B20201202 was discovered to contain a command injection vulnerability via the hostName parameter in the function setOpModeCfg. | |||
| CVE-2022-36459 | 0.00 | — | 0.01 | Aug 25, 2022 | TOTOLINK A3700R V9.1.2u.6134_B20201202 was discovered to contain a command injection vulnerability via the host_time parameter in the function NTPSyncWithHost. | |||
| CVE-2022-36460 | 0.00 | — | 0.01 | Aug 25, 2022 | TOTOLINK A3700R V9.1.2u.6134_B20201202 was discovered to contain a command injection vulnerability via the FileName parameter in the function UploadFirmwareFile. | |||
| CVE-2022-36458 | 0.00 | — | 0.01 | Aug 25, 2022 | TOTOLINK A3700R V9.1.2u.6134_B20201202 was discovered to contain a command injection vulnerability via the command parameter in the function setTracerouteCfg. | |||
| CVE-2022-36456 | 0.00 | — | 0.01 | Aug 25, 2022 | TOTOLink A720R V4.1.5cu.532_B20210610 was discovered to contain a command injection vulnerability via the username parameter in /cstecgi.cgi. | |||
| CVE-2022-35491 | 0.00 | — | 0.01 | Aug 9, 2022 | TOTOLINK A3002RU V3.0.0-B20220304.1804 has a hardcoded password for root in /etc/shadow.sample. | |||
| CVE-2022-34993 | 0.00 | — | 0.01 | Aug 4, 2022 | Totolink A3600R_Firmware V4.1.2cu.5182_B20201102 contains a hard code password for root in /etc/shadow.sample. | |||
| CVE-2021-42893 | 0.00 | — | 0.01 | Jun 3, 2022 | In TOTOLINK EX1200T V4.1.2cu.5215, an attacker can obtain sensitive information (wifikey, etc.) without authorization through getSysStatusCfg. | |||
| CVE-2021-42892 | 0.00 | — | 0.01 | Jun 3, 2022 | In TOTOLINK EX1200T V4.1.2cu.5215, an attacker can start telnet without authorization because the default username and password exists in the firmware. | |||
| CVE-2021-42891 | 0.00 | — | 0.01 | Jun 3, 2022 | In TOTOLINK EX1200T V4.1.2cu.5215, an attacker can obtain sensitive information (wifikey, etc.) without authorization. | |||
| CVE-2021-42889 | 0.00 | — | 0.01 | Jun 3, 2022 | In TOTOLINK EX1200T V4.1.2cu.5215, an attacker can obtain sensitive information (wifikey, wifiname, etc.) without authorization. | |||
| CVE-2021-42886 | 0.00 | — | 0.02 | Jun 3, 2022 | TOTOLINK EX1200T V4.1.2cu.5215 contains an information disclosure vulnerability where an attacker can get the apmib configuration file without authorization, and usernames and passwords can be found in the decoded file. | |||
| CVE-2021-42877 | 0.00 | — | 0.02 | Jun 2, 2022 | TOTOLINK EX1200T V4.1.2cu.5215 contains a denial of service vulnerability in function RebootSystem of the file lib/cste_modules/system which can reboot the system. | |||
| CVE-2022-29377 | 0.00 | — | 0.01 | May 24, 2022 | Totolink A3600R V4.1.2cu.5182_B20201102 was discovered to contain a stacker overflow in the fread function at infostat.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via the parameter CONTENT_LENGTH. | |||
| CVE-2022-29646 | 0.00 | — | 0.01 | May 18, 2022 | An access control issue in TOTOLINK A3100R V4.1.2cu.5050_B20200504 and V4.1.2cu.5247_B20211129 allows attackers to obtain sensitive information via a crafted web request. | |||
| CVE-2022-29645 | 0.00 | — | 0.01 | May 18, 2022 | TOTOLINK A3100R V4.1.2cu.5050_B20200504 and V4.1.2cu.5247_B20211129 were discovered to contain a hard coded password for root stored in the component /etc/shadow.sample. | |||
| CVE-2022-29644 | 0.00 | — | 0.01 | May 18, 2022 | TOTOLINK A3100R V4.1.2cu.5050_B20200504 and V4.1.2cu.5247_B20211129 were discovered to contain a hard coded password for the telnet service stored in the component /web_cste/cgi-bin/product.ini. | |||
| CVE-2022-29643 | 0.00 | — | 0.01 | May 18, 2022 | TOTOLINK A3100R V4.1.2cu.5050_B20200504 and V4.1.2cu.5247_B20211129 were discovered to contain a stack overflow via the macAddress parameter in the function setMacQos. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request. | |||
| CVE-2022-29642 | 0.00 | — | 0.01 | May 18, 2022 | TOTOLINK A3100R V4.1.2cu.5050_B20200504 and V4.1.2cu.5247_B20211129 were discovered to contain a stack overflow via the url parameter in the function setUrlFilterRules. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request. | |||
| CVE-2022-29641 | 0.00 | — | 0.01 | May 18, 2022 | TOTOLINK A3100R V4.1.2cu.5050_B20200504 and V4.1.2cu.5247_B20211129 were discovered to contain a stack overflow via the startTime and endTime parameters in the function setParentalRules. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST… | |||
| CVE-2022-29640 | 0.00 | — | 0.01 | May 18, 2022 | TOTOLINK A3100R V4.1.2cu.5050_B20200504 and V4.1.2cu.5247_B20211129 were discovered to contain a stack overflow via the comment parameter in the function setPortForwardRules. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request. | |||
| CVE-2022-29638 | 0.00 | — | 0.01 | May 18, 2022 | TOTOLINK A3100R V4.1.2cu.5050_B20200504 and V4.1.2cu.5247_B20211129 were discovered to contain a stack overflow via the comment parameter in the function setIpQosRules. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request. | |||
| CVE-2022-29639 | 0.00 | — | 0.02 | May 18, 2022 | TOTOLINK A3100R V4.1.2cu.5050_B20200504 and V4.1.2cu.5247_B20211129 were discovered to contain a command injection vulnerability via the magicid parameter in the function uci_cloudupdate_config. | |||
| CVE-2022-29398 | 0.00 | — | 0.02 | May 10, 2022 | TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the File parameter in the function FUN_0041309c. | |||
| CVE-2022-29399 | 0.00 | — | 0.02 | May 10, 2022 | TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the url parameter in the function FUN_00415bf0. | |||
| CVE-2022-29397 | 0.00 | — | 0.02 | May 10, 2022 | TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the comment parameter in the function FUN_004196c8. | |||
| CVE-2022-29396 | 0.00 | — | 0.02 | May 10, 2022 | TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the comment parameter in the function FUN_00418f10. | |||
| CVE-2022-29395 | 0.00 | — | 0.02 | May 10, 2022 | TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the apcliKey parameter in the function FUN_0041bac4. | |||
| CVE-2022-29394 | 0.00 | — | 0.02 | May 10, 2022 | TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the macAddress parameter in the function FUN_0041b448. | |||
| CVE-2022-29393 | 0.00 | — | 0.02 | May 10, 2022 | TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the comment parameter in the function FUN_004192cc. | |||
| CVE-2022-29392 | 0.00 | — | 0.02 | May 10, 2022 | TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the comment parameter in the function FUN_00418c24. | |||
| CVE-2022-29391 | 0.00 | — | 0.02 | May 10, 2022 | TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the comment parameter in the function FUN_004200c8. | |||
| CVE-2022-28912 | 0.00 | — | 0.02 | May 10, 2022 | TOTOLink N600R V5.3c.7159_B20190425 was discovered to contain a command injection vulnerability via the filename parameter in /setting/setUpgradeFW. |
- CVE-2022-37076Aug 25, 2022risk 0.00cvss —epss 0.01
TOTOLINK A7000R V9.1.0u.6115_B20201022 was discovered to contain a command injection vulnerability via the FileName parameter in the function UploadFirmwareFile.
- CVE-2022-37075Aug 25, 2022risk 0.00cvss —epss 0.00
TOTOLink A7000R V9.1.0u.6115_B20201022 was discovered to contain a stack overflow via the ip parameter in the function setDiagnosisCfg.
- CVE-2022-36488Aug 25, 2022risk 0.00cvss —epss 0.00
TOTOLINK N350RT V9.3.5u.6139_B20201216 was discovered to contain a stack overflow via the sPort parameter in the function setIpPortFilterRules.
- CVE-2022-36487Aug 25, 2022risk 0.00cvss —epss 0.01
TOTOLINK N350RT V9.3.5u.6139_B20201216 was discovered to contain a command injection vulnerability via the command parameter in the function setTracerouteCfg.
- CVE-2022-36485Aug 25, 2022risk 0.00cvss —epss 0.01
TOTOLINK N350RT V9.3.5u.6139_B20201216 was discovered to contain a command injection vulnerability via the hostName parameter in the function setOpModeCfg.
- CVE-2022-36486Aug 25, 2022risk 0.00cvss —epss 0.01
TOTOLINK N350RT V9.3.5u.6139_B20201216 was discovered to contain a command injection vulnerability via the FileName parameter in the function UploadFirmwareFile.
- CVE-2022-36484Aug 25, 2022risk 0.00cvss —epss 0.00
TOTOLINK N350RT V9.3.5u.6139_B20201216 was discovered to contain a stack overflow via the function setDiagnosisCfg.
- CVE-2022-36483Aug 25, 2022risk 0.00cvss —epss 0.00
TOTOLINK N350RT V9.3.5u.6139_B20201216 was discovered to contain a stack overflow via the pppoeUser parameter.
- CVE-2022-36482Aug 25, 2022risk 0.00cvss —epss 0.01
TOTOLINK N350RT V9.3.5u.6139_B20201216 was discovered to contain a command injection vulnerability via the lang parameter in the function setLanguageCfg.
- CVE-2022-36481Aug 25, 2022risk 0.00cvss —epss 0.01
TOTOLINK N350RT V9.3.5u.6139_B20201216 was discovered to contain a command injection vulnerability via the ip parameter in the function setDiagnosisCfg.
- CVE-2022-36480Aug 25, 2022risk 0.00cvss —epss 0.00
TOTOLINK N350RT V9.3.5u.6139_B20201216 was discovered to contain a stack overflow via the command parameter in the function setTracerouteCfg.
- CVE-2022-36479Aug 25, 2022risk 0.00cvss —epss 0.01
TOTOLINK N350RT V9.3.5u.6139_B20201216 was discovered to contain a command injection vulnerability via the host_time parameter in the function NTPSyncWithHost.
- CVE-2022-36466Aug 25, 2022risk 0.00cvss —epss 0.00
TOTOLINK A3700R V9.1.2u.6134_B20201202 was discovered to contain a stack overflow via the ip parameter in the function setDiagnosisCfg.
- CVE-2022-36465Aug 25, 2022risk 0.00cvss —epss 0.00
TOTOLINK A3700R V9.1.2u.6134_B20201202 was discovered to contain a stack overflow via the pppoeUser parameter.
- CVE-2022-36464Aug 25, 2022risk 0.00cvss —epss 0.00
TOTOLINK A3700R V9.1.2u.6134_B20201202 was discovered to contain a stack overflow via the sPort parameter in the function setIpPortFilterRules.
- CVE-2022-36463Aug 25, 2022risk 0.00cvss —epss 0.00
TOTOLINK A3700R V9.1.2u.6134_B20201202 was discovered to contain a stack overflow via the command parameter in the function setTracerouteCfg.
- CVE-2022-36462Aug 25, 2022risk 0.00cvss —epss 0.00
TOTOLINK A3700R V9.1.2u.6134_B20201202 was discovered to contain a stack overflow via the lang parameter in the function setLanguageCfg.
- CVE-2022-36461Aug 25, 2022risk 0.00cvss —epss 0.01
TOTOLINK A3700R V9.1.2u.6134_B20201202 was discovered to contain a command injection vulnerability via the hostName parameter in the function setOpModeCfg.
- CVE-2022-36459Aug 25, 2022risk 0.00cvss —epss 0.01
TOTOLINK A3700R V9.1.2u.6134_B20201202 was discovered to contain a command injection vulnerability via the host_time parameter in the function NTPSyncWithHost.
- CVE-2022-36460Aug 25, 2022risk 0.00cvss —epss 0.01
TOTOLINK A3700R V9.1.2u.6134_B20201202 was discovered to contain a command injection vulnerability via the FileName parameter in the function UploadFirmwareFile.
- CVE-2022-36458Aug 25, 2022risk 0.00cvss —epss 0.01
TOTOLINK A3700R V9.1.2u.6134_B20201202 was discovered to contain a command injection vulnerability via the command parameter in the function setTracerouteCfg.
- CVE-2022-36456Aug 25, 2022risk 0.00cvss —epss 0.01
TOTOLink A720R V4.1.5cu.532_B20210610 was discovered to contain a command injection vulnerability via the username parameter in /cstecgi.cgi.
- CVE-2022-35491Aug 9, 2022risk 0.00cvss —epss 0.01
TOTOLINK A3002RU V3.0.0-B20220304.1804 has a hardcoded password for root in /etc/shadow.sample.
- CVE-2022-34993Aug 4, 2022risk 0.00cvss —epss 0.01
Totolink A3600R_Firmware V4.1.2cu.5182_B20201102 contains a hard code password for root in /etc/shadow.sample.
- CVE-2021-42893Jun 3, 2022risk 0.00cvss —epss 0.01
In TOTOLINK EX1200T V4.1.2cu.5215, an attacker can obtain sensitive information (wifikey, etc.) without authorization through getSysStatusCfg.
- CVE-2021-42892Jun 3, 2022risk 0.00cvss —epss 0.01
In TOTOLINK EX1200T V4.1.2cu.5215, an attacker can start telnet without authorization because the default username and password exists in the firmware.
- CVE-2021-42891Jun 3, 2022risk 0.00cvss —epss 0.01
In TOTOLINK EX1200T V4.1.2cu.5215, an attacker can obtain sensitive information (wifikey, etc.) without authorization.
- CVE-2021-42889Jun 3, 2022risk 0.00cvss —epss 0.01
In TOTOLINK EX1200T V4.1.2cu.5215, an attacker can obtain sensitive information (wifikey, wifiname, etc.) without authorization.
- CVE-2021-42886Jun 3, 2022risk 0.00cvss —epss 0.02
TOTOLINK EX1200T V4.1.2cu.5215 contains an information disclosure vulnerability where an attacker can get the apmib configuration file without authorization, and usernames and passwords can be found in the decoded file.
- CVE-2021-42877Jun 2, 2022risk 0.00cvss —epss 0.02
TOTOLINK EX1200T V4.1.2cu.5215 contains a denial of service vulnerability in function RebootSystem of the file lib/cste_modules/system which can reboot the system.
- CVE-2022-29377May 24, 2022risk 0.00cvss —epss 0.01
Totolink A3600R V4.1.2cu.5182_B20201102 was discovered to contain a stacker overflow in the fread function at infostat.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via the parameter CONTENT_LENGTH.
- CVE-2022-29646May 18, 2022risk 0.00cvss —epss 0.01
An access control issue in TOTOLINK A3100R V4.1.2cu.5050_B20200504 and V4.1.2cu.5247_B20211129 allows attackers to obtain sensitive information via a crafted web request.
- CVE-2022-29645May 18, 2022risk 0.00cvss —epss 0.01
TOTOLINK A3100R V4.1.2cu.5050_B20200504 and V4.1.2cu.5247_B20211129 were discovered to contain a hard coded password for root stored in the component /etc/shadow.sample.
- CVE-2022-29644May 18, 2022risk 0.00cvss —epss 0.01
TOTOLINK A3100R V4.1.2cu.5050_B20200504 and V4.1.2cu.5247_B20211129 were discovered to contain a hard coded password for the telnet service stored in the component /web_cste/cgi-bin/product.ini.
- CVE-2022-29643May 18, 2022risk 0.00cvss —epss 0.01
TOTOLINK A3100R V4.1.2cu.5050_B20200504 and V4.1.2cu.5247_B20211129 were discovered to contain a stack overflow via the macAddress parameter in the function setMacQos. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.
- CVE-2022-29642May 18, 2022risk 0.00cvss —epss 0.01
TOTOLINK A3100R V4.1.2cu.5050_B20200504 and V4.1.2cu.5247_B20211129 were discovered to contain a stack overflow via the url parameter in the function setUrlFilterRules. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.
- CVE-2022-29641May 18, 2022risk 0.00cvss —epss 0.01
TOTOLINK A3100R V4.1.2cu.5050_B20200504 and V4.1.2cu.5247_B20211129 were discovered to contain a stack overflow via the startTime and endTime parameters in the function setParentalRules. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST…
- CVE-2022-29640May 18, 2022risk 0.00cvss —epss 0.01
TOTOLINK A3100R V4.1.2cu.5050_B20200504 and V4.1.2cu.5247_B20211129 were discovered to contain a stack overflow via the comment parameter in the function setPortForwardRules. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.
- CVE-2022-29638May 18, 2022risk 0.00cvss —epss 0.01
TOTOLINK A3100R V4.1.2cu.5050_B20200504 and V4.1.2cu.5247_B20211129 were discovered to contain a stack overflow via the comment parameter in the function setIpQosRules. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.
- CVE-2022-29639May 18, 2022risk 0.00cvss —epss 0.02
TOTOLINK A3100R V4.1.2cu.5050_B20200504 and V4.1.2cu.5247_B20211129 were discovered to contain a command injection vulnerability via the magicid parameter in the function uci_cloudupdate_config.
- CVE-2022-29398May 10, 2022risk 0.00cvss —epss 0.02
TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the File parameter in the function FUN_0041309c.
- CVE-2022-29399May 10, 2022risk 0.00cvss —epss 0.02
TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the url parameter in the function FUN_00415bf0.
- CVE-2022-29397May 10, 2022risk 0.00cvss —epss 0.02
TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the comment parameter in the function FUN_004196c8.
- CVE-2022-29396May 10, 2022risk 0.00cvss —epss 0.02
TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the comment parameter in the function FUN_00418f10.
- CVE-2022-29395May 10, 2022risk 0.00cvss —epss 0.02
TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the apcliKey parameter in the function FUN_0041bac4.
- CVE-2022-29394May 10, 2022risk 0.00cvss —epss 0.02
TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the macAddress parameter in the function FUN_0041b448.
- CVE-2022-29393May 10, 2022risk 0.00cvss —epss 0.02
TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the comment parameter in the function FUN_004192cc.
- CVE-2022-29392May 10, 2022risk 0.00cvss —epss 0.02
TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the comment parameter in the function FUN_00418c24.
- CVE-2022-29391May 10, 2022risk 0.00cvss —epss 0.02
TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the comment parameter in the function FUN_004200c8.
- CVE-2022-28912May 10, 2022risk 0.00cvss —epss 0.02
TOTOLink N600R V5.3c.7159_B20190425 was discovered to contain a command injection vulnerability via the filename parameter in /setting/setUpgradeFW.
Page 23 of 25