Vulnerabilities > Totolink

DATE CVE VULNERABILITY TITLE RISK
2023-01-27 CVE-2022-48069 OS Command Injection vulnerability in Totolink A830R Firmware 4.1.2Cu.5182
Totolink A830R V4.1.2cu.5182 was discovered to contain a command injection vulnerability via the QUERY_STRING parameter.
network
low complexity
totolink CWE-78
7.5
7.5
2023-01-20 CVE-2022-48121 OS Command Injection vulnerability in Totolink A7100Ru Firmware 7.4Cu.2313B20191024
TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the rsabits parameter in the setting/delStaticDhcpRules function.
network
low complexity
totolink CWE-78
critical
 9.8
9.8
2023-01-20 CVE-2022-48122 OS Command Injection vulnerability in Totolink A7100Ru Firmware 7.4Cu.2313B20191024
TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the dayvalid parameter in the setting/delStaticDhcpRules function.
network
low complexity
totolink CWE-78
critical
 9.8
9.8
2023-01-20 CVE-2022-48123 OS Command Injection vulnerability in Totolink A7100Ru Firmware 7.4Cu.2313B20191024
TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the servername parameter in the setting/delStaticDhcpRules function.
network
low complexity
totolink CWE-78
critical
 9.8
9.8
2023-01-20 CVE-2022-48124 OS Command Injection vulnerability in Totolink A7100Ru Firmware 7.4Cu.2313B20191024
TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the FileName parameter in the setting/setOpenVpnCertGenerationCfg function.
network
low complexity
totolink CWE-78
critical
 9.8
9.8
2023-01-20 CVE-2022-48125 OS Command Injection vulnerability in Totolink A7100Ru Firmware 7.4Cu.2313B20191024
TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the password parameter in the setting/setOpenVpnCertGenerationCfg function.
network
low complexity
totolink CWE-78
critical
 9.8
9.8
2023-01-20 CVE-2022-48126 OS Command Injection vulnerability in Totolink A7100Ru Firmware 7.4Cu.2313B20191024
TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the username parameter in the setting/setOpenVpnCertGenerationCfg function.
network
low complexity
totolink CWE-78
critical
 9.8
9.8
2023-01-17 CVE-2022-47853 OS Command Injection vulnerability in Totolink A7100Ru Firmware 7.4Cu.2313B20191024
TOTOlink A7100RU V7.4cu.2313_B20191024 is vulnerable to Command Injection Vulnerability in the httpd service.
network
low complexity
totolink CWE-78
critical
 9.8
9.8
2022-12-15 CVE-2022-46631 OS Command Injection vulnerability in Totolink A7100Ru Firmware 7.4Cu.2313B20191024
TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the wscDisabled parameter in the setting/setWiFiSignalCfg function.
network
low complexity
totolink CWE-78
critical
 9.8
9.8
2022-12-15 CVE-2022-46634 OS Command Injection vulnerability in Totolink A7100Ru Firmware 7.4Cu.2313B20191024
TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the wscDisabled parameter in the setting/setWiFiWpsCfg function.
network
low complexity
totolink CWE-78
critical
 9.8
9.8