Vulnerabilities > Totolink > Lr350 Firmware > 9.3.5u.6369.b20220309
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-07-07 | CVE-2023-37145 | Command Injection vulnerability in Totolink Lr350 Firmware 9.3.5U.6369B20220309 TOTOLINK LR350 V9.3.5u.6369_B20220309 was discovered to contain a command injection vulnerability via the hostname parameter in the setOpModeCfg function. | 9.8 |
| 2023-07-07 | CVE-2023-37146 | Command Injection vulnerability in Totolink Lr350 Firmware 9.3.5U.6369B20220309 TOTOLINK LR350 V9.3.5u.6369_B20220309 was discovered to contain a command injection vulnerability via the FileName parameter in the UploadFirmwareFile function. | 9.8 |
| 2023-07-07 | CVE-2023-37148 | Command Injection vulnerability in Totolink Lr350 Firmware 9.3.5U.6369B20220309 TOTOLINK LR350 V9.3.5u.6369_B20220309 was discovered to contain a command injection vulnerability via the ussd parameter in the setUssd function. | 9.8 |
| 2023-07-07 | CVE-2023-37149 | Command Injection vulnerability in Totolink Lr350 Firmware 9.3.5U.6369B20220309 TOTOLINK LR350 V9.3.5u.6369_B20220309 was discovered to contain a command injection vulnerability via the FileName parameter in the setUploadSetting function. | 9.8 |
| 2022-11-23 | CVE-2022-44249 | OS Command Injection vulnerability in Totolink Lr350 Firmware 9.3.5U.6369B20220309 TOTOLINK NR1800X V9.1.0u.6279_B20210910 contains a command injection via the FileName parameter in the UploadFirmwareFile function. | 9.8 |
| 2022-11-23 | CVE-2022-44250 | OS Command Injection vulnerability in Totolink Lr350 Firmware 9.3.5U.6369B20220309 TOTOLINK NR1800X V9.1.0u.6279_B20210910 contains a command injection via the hostName parameter in the setOpModeCfg function. | 9.8 |
| 2022-11-23 | CVE-2022-44251 | OS Command Injection vulnerability in Totolink Lr350 Firmware 9.3.5U.6369B20220309 TOTOLINK NR1800X V9.1.0u.6279_B20210910 contains a command injection via the ussd parameter in the setUssd function. | 9.8 |
| 2022-11-23 | CVE-2022-44252 | OS Command Injection vulnerability in Totolink Lr350 Firmware 9.3.5U.6369B20220309 TOTOLINK NR1800X V9.1.0u.6279_B20210910 contains a command injection via the FileName parameter in the setUploadSetting function. | 9.8 |
| 2022-11-23 | CVE-2022-44253 | Out-of-bounds Write vulnerability in Totolink Lr350 Firmware 9.3.5U.6369B20220309 TOTOLINK LR350 V9.3.5u.6369_B20220309 contains a post-authentication buffer overflow via parameter ip in the setDiagnosisCfg function. | 8.8 |
| 2022-11-23 | CVE-2022-44254 | Out-of-bounds Write vulnerability in Totolink Lr350 Firmware 9.3.5U.6369B20220309 TOTOLINK LR350 V9.3.5u.6369_B20220309 contains a post-authentication buffer overflow via parameter text in the setSmsCfg function. | 8.8 |