Vulnerabilities > Totolink

DATE CVE VULNERABILITY TITLE RISK
2022-05-18 CVE-2022-29642 Out-of-bounds Write vulnerability in Totolink A3100R Firmware 4.1.2Cu.5050B20200504/4.1.2Cu.5247B20211129
TOTOLINK A3100R V4.1.2cu.5050_B20200504 and V4.1.2cu.5247_B20211129 were discovered to contain a stack overflow via the url parameter in the function setUrlFilterRules.
network
low complexity
totolink CWE-787
7.5
7.5
2022-05-18 CVE-2022-29643 Out-of-bounds Write vulnerability in Totolink A3100R Firmware 4.1.2Cu.5050B20200504/4.1.2Cu.5247B20211129
TOTOLINK A3100R V4.1.2cu.5050_B20200504 and V4.1.2cu.5247_B20211129 were discovered to contain a stack overflow via the macAddress parameter in the function setMacQos.
network
low complexity
totolink CWE-787
7.5
7.5
2022-05-18 CVE-2022-29644 Use of Hard-coded Credentials vulnerability in Totolink A3100R Firmware 4.1.2Cu.5050B20200504/4.1.2Cu.5247B20211129
TOTOLINK A3100R V4.1.2cu.5050_B20200504 and V4.1.2cu.5247_B20211129 were discovered to contain a hard coded password for the telnet service stored in the component /web_cste/cgi-bin/product.ini.
network
low complexity
totolink CWE-798
critical
 9.8
9.8
2022-05-18 CVE-2022-29645 Use of Hard-coded Credentials vulnerability in Totolink A3100R Firmware 4.1.2Cu.5050B20200504/4.1.2Cu.5247B20211129
TOTOLINK A3100R V4.1.2cu.5050_B20200504 and V4.1.2cu.5247_B20211129 were discovered to contain a hard coded password for root stored in the component /etc/shadow.sample.
network
low complexity
totolink CWE-798
critical
 9.8
9.8
2022-05-18 CVE-2022-29646 Exposure of Resource to Wrong Sphere vulnerability in Totolink A3100R Firmware 4.1.2Cu.5050B20200504/4.1.2Cu.5247B20211129
An access control issue in TOTOLINK A3100R V4.1.2cu.5050_B20200504 and V4.1.2cu.5247_B20211129 allows attackers to obtain sensitive information via a crafted web request.
network
low complexity
totolink CWE-668
5.3
5.3
2022-05-10 CVE-2022-29391 Out-of-bounds Write vulnerability in Totolink N600R Firmware 4.3.0Cu.7647B20210106
TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the comment parameter in the function FUN_004200c8.
network
low complexity
totolink CWE-787
critical
 9.8
9.8
2022-05-10 CVE-2022-29392 Out-of-bounds Write vulnerability in Totolink N600R Firmware 4.3.0Cu.7647B20210106
TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the comment parameter in the function FUN_00418c24.
network
low complexity
totolink CWE-787
critical
 9.8
9.8
2022-05-10 CVE-2022-29393 Out-of-bounds Write vulnerability in Totolink N600R Firmware 4.3.0Cu.7647B20210106
TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the comment parameter in the function FUN_004192cc.
network
low complexity
totolink CWE-787
critical
 9.8
9.8
2022-05-10 CVE-2022-29394 Out-of-bounds Write vulnerability in Totolink N600R Firmware 4.3.0Cu.7647B20210106
TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the macAddress parameter in the function FUN_0041b448.
network
low complexity
totolink CWE-787
critical
 9.8
9.8
2022-05-10 CVE-2022-29395 Out-of-bounds Write vulnerability in Totolink N600R Firmware 4.3.0Cu.7647B20210106
TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the apcliKey parameter in the function FUN_0041bac4.
network
low complexity
totolink CWE-787
critical
 9.8
9.8