Vulnerabilities > Totolink > A720R Firmware > High

DATE CVE VULNERABILITY TITLE RISK
2024-09-15 CVE-2024-8869 OS Command Injection vulnerability in Totolink A720R Firmware 4.1.5
A vulnerability classified as critical has been found in TOTOLINK A720R 4.1.5.
network
high complexity
totolink CWE-78
8.1
2022-09-15 CVE-2022-38534 OS Command Injection vulnerability in Totolink A720R Firmware 4.1.5Cu.374
TOTOLINK-720R v4.1.5cu.374 was discovered to contain a remote code execution (RCE) vulnerability via the setdiagnosicfg function.
network
low complexity
totolink CWE-78
7.2
2022-09-15 CVE-2022-38535 OS Command Injection vulnerability in Totolink A720R Firmware 4.1.5Cu.374
TOTOLINK-720R v4.1.5cu.374 was discovered to contain a remote code execution (RCE) vulnerability via the setTracerouteCfg function.
network
low complexity
totolink CWE-78
7.2
2022-08-29 CVE-2022-36610 Use of Hard-coded Credentials vulnerability in Totolink A720R Firmware 4.1.5Cu.532B20210610
TOTOLINK A720R V4.1.5cu.532_B20210610 was discovered to contain a hardcoded password for root at /etc/shadow.sample.
local
low complexity
totolink CWE-798
7.8
2022-08-25 CVE-2022-36456 OS Command Injection vulnerability in Totolink A720R Firmware 4.1.5Cu.532B20210610
TOTOLink A720R V4.1.5cu.532_B20210610 was discovered to contain a command injection vulnerability via the username parameter in /cstecgi.cgi.
local
low complexity
totolink CWE-78
7.8
2022-02-04 CVE-2021-44246 Unspecified vulnerability in Totolink A3100R Firmware, A720R Firmware and A830R Firmware
Totolink devices A3100R v4.1.2cu.5050_B20200504, A830R v5.9c.4729_B20191112, and A720R v4.1.5cu.470_B20200911 were discovered to contain a stack overflow in the function setNoticeCfg.
network
low complexity
totolink
7.5
2022-02-04 CVE-2021-45737 Unspecified vulnerability in Totolink A720R Firmware 4.1.5Cu.470B20200911
TOTOLINK A720R v4.1.5cu.470_B20200911 was discovered to contain a stack overflow in the Form_Login function.
network
low complexity
totolink
7.5
2022-02-04 CVE-2021-45739 Unspecified vulnerability in Totolink A720R Firmware 4.1.5Cu.470B20200911
TOTOLINK A720R v4.1.5cu.470_B20200911 was discovered to contain a stack overflow in the Form_Login function.
network
low complexity
totolink
7.5
2021-08-05 CVE-2021-35325 Out-of-bounds Write vulnerability in Totolink A720R Firmware 4.1.5Cu.470B20200911
A stack overflow in the checkLoginUser function of TOTOLINK A720R A720R_Firmware v4.1.5cu.470_B20200911 allows attackers to cause a denial of service (DOS).
network
low complexity
totolink CWE-787
7.5
2021-08-05 CVE-2021-35326 Unspecified vulnerability in Totolink A720R Firmware 4.1.5Cu.470B20200911
A vulnerability in TOTOLINK A720R router with firmware v4.1.5cu.470_B20200911 allows attackers to download the configuration file via sending a crafted HTTP request.
network
low complexity
totolink
7.5