Vulnerabilities > Totolink > A3700R Firmware > High

DATE CVE VULNERABILITY TITLE RISK
2024-07-28 CVE-2024-7160 Unspecified vulnerability in Totolink A3700R Firmware 9.1.2U.5822B20200513
A vulnerability classified as critical has been found in TOTOLINK A3700R 9.1.2u.5822_B20200513.
network
low complexity
totolink
8.8
2024-07-28 CVE-2024-7156 Unspecified vulnerability in Totolink A3700R Firmware 9.1.2U.5822B20200513
A vulnerability was found in TOTOLINK A3700R 9.1.2u.5822_B20200513 and classified as problematic.
network
low complexity
totolink
7.5
2024-07-28 CVE-2024-7154 Missing Authentication for Critical Function vulnerability in Totolink A3700R Firmware 9.1.2U.5822B20200513
A vulnerability, which was classified as problematic, was found in TOTOLINK A3700R 9.1.2u.5822_B20200513.
network
low complexity
totolink CWE-306
7.5
2023-11-20 CVE-2023-48192 Code Injection vulnerability in Totolink A3700R Firmware 9.1.2U.6134B20201202
An issue in TOTOlink A3700R v.9.1.2u.6134_B20201202 allows a local attacker to execute arbitrary code via the setTracerouteCfg function.
local
low complexity
totolink CWE-94
7.8
2022-08-25 CVE-2022-36458 OS Command Injection vulnerability in Totolink A3700R Firmware 9.1.2U.6134B20201202
TOTOLINK A3700R V9.1.2u.6134_B20201202 was discovered to contain a command injection vulnerability via the command parameter in the function setTracerouteCfg.
local
low complexity
totolink CWE-78
7.8
2022-08-25 CVE-2022-36459 OS Command Injection vulnerability in Totolink A3700R Firmware 9.1.2U.6134B20201202
TOTOLINK A3700R V9.1.2u.6134_B20201202 was discovered to contain a command injection vulnerability via the host_time parameter in the function NTPSyncWithHost.
local
low complexity
totolink CWE-78
7.8
2022-08-25 CVE-2022-36460 OS Command Injection vulnerability in Totolink A3700R Firmware 9.1.2U.6134B20201202
TOTOLINK A3700R V9.1.2u.6134_B20201202 was discovered to contain a command injection vulnerability via the FileName parameter in the function UploadFirmwareFile.
local
low complexity
totolink CWE-78
7.8
2022-08-25 CVE-2022-36461 OS Command Injection vulnerability in Totolink A3700R Firmware 9.1.2U.6134B20201202
TOTOLINK A3700R V9.1.2u.6134_B20201202 was discovered to contain a command injection vulnerability via the hostName parameter in the function setOpModeCfg.
local
low complexity
totolink CWE-78
7.8
2022-08-25 CVE-2022-36462 Out-of-bounds Write vulnerability in Totolink A3700R Firmware 9.1.2U.6134B20201202
TOTOLINK A3700R V9.1.2u.6134_B20201202 was discovered to contain a stack overflow via the lang parameter in the function setLanguageCfg.
local
low complexity
totolink CWE-787
7.8
2022-08-25 CVE-2022-36463 Out-of-bounds Write vulnerability in Totolink A3700R Firmware 9.1.2U.6134B20201202
TOTOLINK A3700R V9.1.2u.6134_B20201202 was discovered to contain a stack overflow via the command parameter in the function setTracerouteCfg.
local
low complexity
totolink CWE-787
7.8