Vulnerabilities > Totolink > A3700R Firmware
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-01-11 | CVE-2023-52027 | Command Injection vulnerability in Totolink A3700R Firmware 9.1.2U.5822B20200513 TOTOlink A3700R v9.1.2u.5822_B20200513 was discovered to contain a remote command execution (RCE) vulnerability via the NTPSyncWithHost function. | 9.8 |
2024-01-11 | CVE-2023-52028 | Unspecified vulnerability in Totolink A3700R Firmware 9.1.2U.5822B20200513 TOTOlink A3700R v9.1.2u.5822_B20200513 was discovered to contain a remote command execution (RCE) vulnerability via the setTracerouteCfg function. | 9.8 |
2024-01-11 | CVE-2023-52029 | Unspecified vulnerability in Totolink A3700R Firmware 9.1.2U.5822B20200513 TOTOlink A3700R v9.1.2u.5822_B20200513 was discovered to contain a remote command execution (RCE) vulnerability via the setDiagnosisCfg function. | 9.8 |
2024-01-11 | CVE-2023-52030 | Unspecified vulnerability in Totolink A3700R Firmware 9.1.2U.5822B20200513 TOTOlink A3700R v9.1.2u.5822_B20200513 was discovered to contain a remote command execution (RCE) vulnerability via the setOpModeCfg function. | 9.8 |
2024-01-11 | CVE-2023-52031 | Unspecified vulnerability in Totolink A3700R Firmware 9.1.2U.5822B20200513 TOTOlink A3700R v9.1.2u.5822_B20200513 was discovered to contain a remote command execution (RCE) vulnerability via the UploadFirmwareFile function. | 9.8 |
2023-12-22 | CVE-2023-50147 | OS Command Injection vulnerability in Totolink A3700R Firmware 9.1.2U.5822B20200513 There is an arbitrary command execution vulnerability in the setDiagnosisCfg function of the cstecgi .cgi of the TOTOlink A3700R router device in its firmware version V9.1.2u.5822_B20200513. | 9.8 |
2023-11-20 | CVE-2023-48192 | Code Injection vulnerability in Totolink A3700R Firmware 9.1.2U.6134B20201202 An issue in TOTOlink A3700R v.9.1.2u.6134_B20201202 allows a local attacker to execute arbitrary code via the setTracerouteCfg function. | 7.8 |
2023-10-25 | CVE-2023-46574 | Command Injection vulnerability in Totolink A3700R Firmware 9.1.2U.616520211012 An issue in TOTOLINK A3700R v.9.1.2u.6165_20211012 allows a remote attacker to execute arbitrary code via the FileName parameter of the UploadFirmwareFile function. | 9.8 |
2023-09-25 | CVE-2023-43141 | Unspecified vulnerability in Totolink A3700R Firmware and N600R Firmware TOTOLINK A3700R V9.1.2u.6134_B20201202 and N600R V5.3c.5137 are vulnerable to Incorrect Access Control. | 9.8 |
2022-08-25 | CVE-2022-36458 | OS Command Injection vulnerability in Totolink A3700R Firmware 9.1.2U.6134B20201202 TOTOLINK A3700R V9.1.2u.6134_B20201202 was discovered to contain a command injection vulnerability via the command parameter in the function setTracerouteCfg. | 7.8 |