Vulnerabilities > Totolink > A720R Firmware > Critical
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-02-17 | CVE-2023-23064 | Incorrect Authorization vulnerability in Totolink A720R Firmware 4.1.5Cu.532B20210610 TOTOLINK A720R V4.1.5cu.532_ B20210610 is vulnerable to Incorrect Access Control. | 9.8 |
2022-02-04 | CVE-2021-45742 | Command Injection vulnerability in Totolink A720R Firmware 4.1.5Cu.470B20200911 TOTOLINK A720R v4.1.5cu.470_B20200911 was discovered to contain a command injection vulnerability in the "Main" function. | 9.8 |
2022-02-04 | CVE-2021-45740 | Unspecified vulnerability in Totolink A720R Firmware 4.1.5Cu.470B20200911 TOTOLINK A720R v4.1.5cu.470_B20200911 was discovered to contain a stack overflow in the setWiFiWpsStart function. | 9.8 |
2022-02-04 | CVE-2021-44247 | Command Injection vulnerability in Totolink A3100R Firmware, A720R Firmware and A830R Firmware Totolink devices A3100R v4.1.2cu.5050_B20200504, A830R v5.9c.4729_B20191112, and A720R v4.1.5cu.470_B20200911 were discovered to contain command injection vulnerability in the function setNoticeCfg. | 9.8 |
2021-08-05 | CVE-2021-35327 | Missing Authorization vulnerability in Totolink A720R Firmware 4.1.5Cu.470B20200911 A vulnerability in TOTOLINK A720R A720R_Firmware v4.1.5cu.470_B20200911 allows attackers to start the Telnet service, then login with the default credentials via a crafted POST request. | 9.8 |
2021-08-05 | CVE-2021-35324 | Unspecified vulnerability in Totolink A720R Firmware 4.1.5Cu.470B20200911 A vulnerability in the Form_Login function of TOTOLINK A720R A720R_Firmware V4.1.5cu.470_B20200911 allows attackers to bypass authentication. | 9.8 |
2021-04-14 | CVE-2021-27710 | OS Command Injection vulnerability in Totolink A720R Firmware and X5000R Firmware Command Injection in TOTOLINK X5000R router with firmware v9.1.0u.6118_B20201102, and TOTOLINK A720R router with firmware v4.1.5cu.470_B20200911 allows remote attackers to execute arbitrary OS commands by sending a modified HTTP request. | 9.8 |
2021-04-14 | CVE-2021-27708 | OS Command Injection vulnerability in Totolink A720R Firmware and X5000R Firmware Command Injection in TOTOLINK X5000R router with firmware v9.1.0u.6118_B20201102, and TOTOLINK A720R router with firmware v4.1.5cu.470_B20200911 allows remote attackers to execute arbitrary OS commands by sending a modified HTTP request. | 9.8 |