Vulnerabilities > Totolink
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-07-23 | CVE-2024-41319 | Command Injection vulnerability in Totolink A6000R Firmware 1.0.1B20201211.2000 TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection vulnerability via the cmd parameter in the webcmd function. | 9.8 |
2024-02-20 | CVE-2024-1661 | Use of Hard-coded Credentials vulnerability in Totolink X6000R Firmware 9.4.0Cu.852B20230719 A vulnerability classified as problematic was found in Totolink X6000R 9.4.0cu.852_B20230719. | 5.5 |
2024-01-30 | CVE-2024-24324 | Use of Hard-coded Credentials vulnerability in Totolink A8000Ru Firmware 7.1Cu.643B20200521 TOTOLINK A8000RU v7.1cu.643_B20200521 was discovered to contain a hardcoded password for root stored in /etc/shadow. | 9.8 |
2024-01-30 | CVE-2024-24325 | OS Command Injection vulnerability in Totolink A3300R Firmware 17.0.0Cu.557B20221024 TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection vulnerability via the enable parameter in the setParentalRules function. | 9.8 |
2024-01-30 | CVE-2024-24326 | OS Command Injection vulnerability in Totolink A3300R Firmware 17.0.0Cu.557B20221024 TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection vulnerability via the arpEnable parameter in the setStaticDhcpRules function. | 9.8 |
2024-01-30 | CVE-2024-24327 | OS Command Injection vulnerability in Totolink A3300R Firmware 17.0.0Cu.557B20221024 TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection vulnerability via the pppoePass parameter in the setIpv6Cfg function. | 9.8 |
2024-01-30 | CVE-2024-24328 | OS Command Injection vulnerability in Totolink A3300R Firmware 17.0.0Cu.557B20221024 TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection vulnerability via the enable parameter in the setMacFilterRules function. | 9.8 |
2024-01-30 | CVE-2024-24329 | OS Command Injection vulnerability in Totolink A3300R Firmware 17.0.0Cu.557B20221024 TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection vulnerability via the enable parameter in the setPortForwardRules function. | 9.8 |
2024-01-30 | CVE-2024-24330 | OS Command Injection vulnerability in Totolink A3300R Firmware 17.0.0Cu.557B20221024 TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection vulnerability via the port or enable parameter in the setRemoteCfg function. | 9.8 |
2024-01-30 | CVE-2024-24331 | OS Command Injection vulnerability in Totolink A3300R Firmware 17.0.0Cu.557B20221024 TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection vulnerability via the enable parameter in the setWiFiScheduleCfg function. | 9.8 |