Vulnerabilities > Totolink > A950Rg Firmware > 4.1.2cu.5204.b20210112

DATE CVE VULNERABILITY TITLE RISK
2022-08-29 CVE-2022-36612 Use of Hard-coded Credentials vulnerability in Totolink A950Rg Firmware 4.1.2Cu.5204B20210112
TOTOLINK A950RG V4.1.2cu.5204_B20210112 was discovered to contain a hardcoded password for root at /etc/shadow.sample.
local
low complexity
totolink CWE-798
7.8
7.8
2022-02-24 CVE-2022-25082 OS Command Injection vulnerability in Totolink A950Rg Firmware 4.1.2Cu.5204B20210112/5.9C.4050B20190424
TOTOLink A950RG V5.9c.4050_B20190424 and V4.1.2cu.5204_B20210112 were discovered to contain a command injection vulnerability in the "Main" function.
network
low complexity
totolink CWE-78
critical
 9.8
9.8