Vulnerabilities > Totolink
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-11-26 | CVE-2018-13308 | Cross-site Scripting vulnerability in Totolink A3002Ru Firmware 1.0.8 Cross-site scripting in notice_gen.htm in TOTOLINK A3002RU version 1.0.8 allows attackers to execute arbitrary JavaScript by modifying the "User phrases button" field. | 4.3 |
| 2017-07-17 | CVE-2017-1000020 | Improper Authentication vulnerability in Ecos Embedded web Servers SYN Flood or FIN Flood attack in ECos 1 and other versions embedded devices results in web Authentication Bypass. | 10.0 |