Vulnerabilities > Totolink > A3100R Firmware > Medium

DATE CVE VULNERABILITY TITLE RISK
2022-05-18 CVE-2022-29646 Exposure of Resource to Wrong Sphere vulnerability in Totolink A3100R Firmware 4.1.2Cu.5050B20200504/4.1.2Cu.5247B20211129
An access control issue in TOTOLINK A3100R V4.1.2cu.5050_B20200504 and V4.1.2cu.5247_B20211129 allows attackers to obtain sensitive information via a crafted web request.
network
low complexity
totolink CWE-668
5.3
2022-03-30 CVE-2021-46006 Missing Authentication for Critical Function vulnerability in Totolink A3100R Firmware 5.9C.4577
In Totolink A3100R V5.9c.4577, "test.asp" contains an API-like function, which is not authenticated.
network
low complexity
totolink CWE-306
6.5