Vulnerabilities > Totolink > A3600R Firmware

DATE CVE VULNERABILITY TITLE RISK
2022-08-25 CVE-2022-36455 OS Command Injection vulnerability in Totolink A3600R Firmware 4.1.2Cu.5182B20201102
TOTOLink A3600R V4.1.2cu.5182_B20201102 was discovered to contain a command injection vulnerability via the username parameter in /cstecgi.cgi.
local
low complexity
totolink CWE-78
7.8
7.8
2022-05-24 CVE-2022-29377 Out-of-bounds Write vulnerability in Totolink A3600R Firmware 4.1.2Cu.5182B20201102
Totolink A3600R V4.1.2cu.5182_B20201102 was discovered to contain a stacker overflow in the fread function at infostat.cgi.
network
low complexity
totolink CWE-787
5.0
5.0
2022-02-24 CVE-2022-25078 OS Command Injection vulnerability in Totolink A3600R Firmware 4.1.2Cu.5182B20201102
TOTOLink A3600R V4.1.2cu.5182_B20201102 was discovered to contain a command injection vulnerability in the "Main" function.
network
low complexity
totolink CWE-78
critical
 9.8
9.8