Vulnerabilities > Totolink > A3300R Firmware > 17.0.0cu.557.b20221024

DATE CVE VULNERABILITY TITLE RISK
2023-07-07 CVE-2023-37170 OS Command Injection vulnerability in Totolink A3300R Firmware 17.0.0Cu.557B20221024
TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain an unauthenticated remote code execution (RCE) vulnerability via the lang parameter in the setLanguageCfg function.
network
low complexity
totolink CWE-78
critical
 9.8
9.8
2023-07-07 CVE-2023-37171 OS Command Injection vulnerability in Totolink A3300R Firmware 17.0.0Cu.557B20221024
TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection vulnerability via the admuser parameter in the setPasswordCfg function.
network
low complexity
totolink CWE-78
critical
 9.8
9.8
2023-07-07 CVE-2023-37172 OS Command Injection vulnerability in Totolink A3300R Firmware 17.0.0Cu.557B20221024
TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection vulnerability via the ip parameter in the setDiagnosisCfg function.
network
low complexity
totolink CWE-78
critical
 9.8
9.8
2023-07-07 CVE-2023-37173 OS Command Injection vulnerability in Totolink A3300R Firmware 17.0.0Cu.557B20221024
TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection vulnerability via the command parameter in the setTracerouteCfg function.
network
low complexity
totolink CWE-78
critical
 9.8
9.8