Vulnerabilities > Totolink > A3700R Firmware > Critical

DATE CVE VULNERABILITY TITLE RISK
2024-08-12 CVE-2024-42545 Classic Buffer Overflow vulnerability in Totolink A3700R Firmware 9.1.2U.5822B20200513
TOTOLINK A3700R v9.1.2u.5822_B20200513 has a buffer overflow vulnerability in the ssid parameter in setWizardCfg function.
network
low complexity
totolink CWE-120
critical
9.8
2024-08-12 CVE-2024-42543 Classic Buffer Overflow vulnerability in Totolink A3700R Firmware 9.1.2U.5822B20200513
TOTOLINK A3700R v9.1.2u.5822_B20200513 has a buffer overflow vulnerability in the http_host parameter in the loginauth function.
network
low complexity
totolink CWE-120
critical
9.8
2024-06-13 CVE-2024-37635 Classic Buffer Overflow vulnerability in Totolink A3700R Firmware 9.1.2U.616520211012
TOTOLINK A3700R V9.1.2u.6165_20211012 was discovered to contain a stack overflow via ssid in the function setWiFiBasicCfg
network
low complexity
totolink CWE-120
critical
9.8
2024-06-13 CVE-2024-37632 Classic Buffer Overflow vulnerability in Totolink A3700R Firmware 9.1.2U.616520211012
TOTOLINK A3700R V9.1.2u.6165_20211012 was discovered to contain a stack overflow via the password parameter in function loginAuth .
network
low complexity
totolink CWE-120
critical
9.8
2024-01-23 CVE-2024-22663 Command Injection vulnerability in Totolink A3700R Firmware 9.1.2U.616520211012
TOTOLINK_A3700R_V9.1.2u.6165_20211012has a command Injection vulnerability via setOpModeCfg
network
low complexity
totolink CWE-77
critical
9.8
2024-01-23 CVE-2024-22662 Out-of-bounds Write vulnerability in Totolink A3700R Firmware 9.1.2U.616520211012
TOTOLINK A3700R_V9.1.2u.6165_20211012 has a stack overflow vulnerability via setParentalRules
network
low complexity
totolink CWE-787
critical
9.8
2024-01-23 CVE-2024-22660 Out-of-bounds Write vulnerability in Totolink A3700R Firmware 9.1.2U.616520211012
TOTOLINK_A3700R_V9.1.2u.6165_20211012has a stack overflow vulnerability via setLanguageCfg
network
low complexity
totolink CWE-787
critical
9.8
2024-01-11 CVE-2023-52031 Unspecified vulnerability in Totolink A3700R Firmware 9.1.2U.5822B20200513
TOTOlink A3700R v9.1.2u.5822_B20200513 was discovered to contain a remote command execution (RCE) vulnerability via the UploadFirmwareFile function.
network
low complexity
totolink
critical
9.8
2024-01-11 CVE-2023-52030 Unspecified vulnerability in Totolink A3700R Firmware 9.1.2U.5822B20200513
TOTOlink A3700R v9.1.2u.5822_B20200513 was discovered to contain a remote command execution (RCE) vulnerability via the setOpModeCfg function.
network
low complexity
totolink
critical
9.8
2024-01-11 CVE-2023-52029 Unspecified vulnerability in Totolink A3700R Firmware 9.1.2U.5822B20200513
TOTOlink A3700R v9.1.2u.5822_B20200513 was discovered to contain a remote command execution (RCE) vulnerability via the setDiagnosisCfg function.
network
low complexity
totolink
critical
9.8