Vulnerabilities > Totolink > A3700R Firmware > Critical

DATE CVE VULNERABILITY TITLE RISK
2024-01-11 CVE-2023-52028 Unspecified vulnerability in Totolink A3700R Firmware 9.1.2U.5822B20200513
TOTOlink A3700R v9.1.2u.5822_B20200513 was discovered to contain a remote command execution (RCE) vulnerability via the setTracerouteCfg function.
network
low complexity
totolink
critical
9.8
2024-01-11 CVE-2023-52027 Command Injection vulnerability in Totolink A3700R Firmware 9.1.2U.5822B20200513
TOTOlink A3700R v9.1.2u.5822_B20200513 was discovered to contain a remote command execution (RCE) vulnerability via the NTPSyncWithHost function.
network
low complexity
totolink CWE-77
critical
9.8
2023-12-22 CVE-2023-50147 OS Command Injection vulnerability in Totolink A3700R Firmware 9.1.2U.5822B20200513
There is an arbitrary command execution vulnerability in the setDiagnosisCfg function of the cstecgi .cgi of the TOTOlink A3700R router device in its firmware version V9.1.2u.5822_B20200513.
network
low complexity
totolink CWE-78
critical
9.8
2023-10-25 CVE-2023-46574 Command Injection vulnerability in Totolink A3700R Firmware 9.1.2U.616520211012
An issue in TOTOLINK A3700R v.9.1.2u.6165_20211012 allows a remote attacker to execute arbitrary code via the FileName parameter of the UploadFirmwareFile function.
network
low complexity
totolink CWE-77
critical
9.8
2023-09-25 CVE-2023-43141 Unspecified vulnerability in Totolink A3700R Firmware and N600R Firmware
TOTOLINK A3700R V9.1.2u.6134_B20201202 and N600R V5.3c.5137 are vulnerable to Incorrect Access Control.
network
low complexity
totolink
critical
9.8