Vulnerabilities > Totolink > A3600R Firmware > Critical

DATE CVE VULNERABILITY TITLE RISK
2022-08-04 CVE-2022-34993 Use of Hard-coded Credentials vulnerability in Totolink A3600R Firmware 4.1.2Cu.5182B20201102
Totolink A3600R_Firmware V4.1.2cu.5182_B20201102 contains a hard code password for root in /etc/shadow.sample.
network
low complexity
totolink CWE-798
critical
9.8
2022-02-24 CVE-2022-25078 OS Command Injection vulnerability in Totolink A3600R Firmware 4.1.2Cu.5182B20201102
TOTOLink A3600R V4.1.2cu.5182_B20201102 was discovered to contain a command injection vulnerability in the "Main" function.
network
low complexity
totolink CWE-78
critical
9.8