Vulnerabilities > Totolink > A7100Ru Firmware

DATE CVE VULNERABILITY TITLE RISK
2023-01-20 CVE-2022-48125 OS Command Injection vulnerability in Totolink A7100Ru Firmware 7.4Cu.2313B20191024
TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the password parameter in the setting/setOpenVpnCertGenerationCfg function.
network
low complexity
totolink CWE-78
critical
9.8
2023-01-20 CVE-2022-48126 OS Command Injection vulnerability in Totolink A7100Ru Firmware 7.4Cu.2313B20191024
TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the username parameter in the setting/setOpenVpnCertGenerationCfg function.
network
low complexity
totolink CWE-78
critical
9.8
2023-01-17 CVE-2022-47853 OS Command Injection vulnerability in Totolink A7100Ru Firmware 7.4Cu.2313B20191024
TOTOlink A7100RU V7.4cu.2313_B20191024 is vulnerable to Command Injection Vulnerability in the httpd service.
network
low complexity
totolink CWE-78
critical
9.8
2022-12-15 CVE-2022-46631 OS Command Injection vulnerability in Totolink A7100Ru Firmware 7.4Cu.2313B20191024
TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the wscDisabled parameter in the setting/setWiFiSignalCfg function.
network
low complexity
totolink CWE-78
critical
9.8
2022-12-15 CVE-2022-46634 OS Command Injection vulnerability in Totolink A7100Ru Firmware 7.4Cu.2313B20191024
TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the wscDisabled parameter in the setting/setWiFiWpsCfg function.
network
low complexity
totolink CWE-78
critical
9.8
2022-11-25 CVE-2022-44843 OS Command Injection vulnerability in Totolink A7100Ru Firmware 7.4Cu.2313B20191024
TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the port parameter in the setting/setOpenVpnClientCfg function.
network
low complexity
totolink CWE-78
critical
9.8
2022-11-25 CVE-2022-44844 OS Command Injection vulnerability in Totolink A7100Ru Firmware 7.4Cu.2313B20191024
TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the pass parameter in the setting/setOpenVpnCfg function.
network
low complexity
totolink CWE-78
critical
9.8
2022-05-05 CVE-2022-28575 OS Command Injection vulnerability in Totolink A7100Ru Firmware 7.4Cu.2313B20191024
It is found that there is a command injection vulnerability in the setopenvpnclientcfg interface in TOTOlink A7100RU (v7.4cu.2313_b20191024) router, which allows attackers to execute arbitrary commands through a carefully constructed payload
network
low complexity
totolink CWE-78
critical
9.8
2022-05-05 CVE-2022-28577 OS Command Injection vulnerability in Totolink A7100Ru Firmware 7.4Cu.2313B20191024
It is found that there is a command injection vulnerability in the delParentalRules interface in TOTOlink A7100RU (v7.4cu.2313_b20191024) router, which allows an attacker to execute arbitrary commands through a carefully constructed payload.
network
low complexity
totolink CWE-78
critical
9.8
2022-05-05 CVE-2022-28578 OS Command Injection vulnerability in Totolink A7100Ru Firmware 7.4Cu.2313B20191024
It is found that there is a command injection vulnerability in the setOpenVpnCfg interface in TOTOlink A7100RU (v7.4cu.2313_b20191024) router, which allows an attacker to execute arbitrary commands through a carefully constructed payload.
network
low complexity
totolink CWE-78
critical
9.8