Vulnerabilities > Totolink > A720R Firmware
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-09-15 | CVE-2024-8869 | OS Command Injection vulnerability in Totolink A720R Firmware 4.1.5 A vulnerability classified as critical has been found in TOTOLINK A720R 4.1.5. | 8.1 |
| 2023-02-17 | CVE-2023-23064 | Incorrect Authorization vulnerability in Totolink A720R Firmware 4.1.5Cu.532B20210610 TOTOLINK A720R V4.1.5cu.532_ B20210610 is vulnerable to Incorrect Access Control. | 9.8 |
| 2022-09-15 | CVE-2022-38534 | OS Command Injection vulnerability in Totolink A720R Firmware 4.1.5Cu.374 TOTOLINK-720R v4.1.5cu.374 was discovered to contain a remote code execution (RCE) vulnerability via the setdiagnosicfg function. | 7.2 |
| 2022-09-15 | CVE-2022-38535 | OS Command Injection vulnerability in Totolink A720R Firmware 4.1.5Cu.374 TOTOLINK-720R v4.1.5cu.374 was discovered to contain a remote code execution (RCE) vulnerability via the setTracerouteCfg function. | 7.2 |
| 2022-08-29 | CVE-2022-36610 | Use of Hard-coded Credentials vulnerability in Totolink A720R Firmware 4.1.5Cu.532B20210610 TOTOLINK A720R V4.1.5cu.532_B20210610 was discovered to contain a hardcoded password for root at /etc/shadow.sample. | 7.8 |
| 2022-08-25 | CVE-2022-36456 | OS Command Injection vulnerability in Totolink A720R Firmware 4.1.5Cu.532B20210610 TOTOLink A720R V4.1.5cu.532_B20210610 was discovered to contain a command injection vulnerability via the username parameter in /cstecgi.cgi. | 7.8 |
| 2022-03-31 | CVE-2021-43662 | Allocation of Resources Without Limits or Throttling vulnerability in Totolink A720R Firmware and Ex300 V2 Firmware totolink EX300_v2, ver V4.0.3c.140_B20210429 and A720R ,ver V4.1.5cu.470_B20200911 have an issue which causes uncontrolled resource consumption. | 6.5 |
| 2022-02-04 | CVE-2021-44246 | Unspecified vulnerability in Totolink A3100R Firmware, A720R Firmware and A830R Firmware Totolink devices A3100R v4.1.2cu.5050_B20200504, A830R v5.9c.4729_B20191112, and A720R v4.1.5cu.470_B20200911 were discovered to contain a stack overflow in the function setNoticeCfg. | 7.5 |
| 2022-02-04 | CVE-2021-44247 | Command Injection vulnerability in Totolink A3100R Firmware, A720R Firmware and A830R Firmware Totolink devices A3100R v4.1.2cu.5050_B20200504, A830R v5.9c.4729_B20191112, and A720R v4.1.5cu.470_B20200911 were discovered to contain command injection vulnerability in the function setNoticeCfg. | 9.8 |
| 2022-02-04 | CVE-2021-45737 | Unspecified vulnerability in Totolink A720R Firmware 4.1.5Cu.470B20200911 TOTOLINK A720R v4.1.5cu.470_B20200911 was discovered to contain a stack overflow in the Form_Login function. | 7.5 |