Vulnerabilities > Totolink > A830R Firmware > 4.1.2cu.5182

DATE CVE VULNERABILITY TITLE RISK
2023-01-27 CVE-2022-48066 Improper Authentication vulnerability in Totolink A830R Firmware 4.1.2Cu.5182
An issue in the component global.so of Totolink A830R V4.1.2cu.5182 allows attackers to bypass authentication via a crafted cookie.
network
low complexity
totolink CWE-287
critical
 9.8
9.8
2023-01-27 CVE-2022-48067 Use of Hard-coded Credentials vulnerability in Totolink A830R Firmware 4.1.2Cu.5182
An information disclosure vulnerability in Totolink A830R V4.1.2cu.5182 allows attackers to obtain the root password via a brute-force attack.
local
low complexity
totolink CWE-798
5.5
5.5
2023-01-27 CVE-2022-48069 OS Command Injection vulnerability in Totolink A830R Firmware 4.1.2Cu.5182
Totolink A830R V4.1.2cu.5182 was discovered to contain a command injection vulnerability via the QUERY_STRING parameter.
network
low complexity
totolink CWE-78
7.5
7.5