Vulnerabilities > Totolink

DATE	CVE	VULNERABILITY TITLE	RISK
2018-11-26	CVE-2018-13312	Cross-site Scripting vulnerability in Totolink A3002Ru Firmware 1.0.8 Cross-site scripting in notice_gen.htm in TOTOLINK A3002RU version 1.0.8 allows attackers to execute arbitrary JavaScript by modifying the "Input your notice URL" field. network low complexity totolink CWE-79	6.1
2018-11-26	CVE-2018-13311	OS Command Injection vulnerability in Totolink A3002Ru Firmware 1.0.8 System command injection in formDlna in TOTOLINK A3002RU version 1.0.8 allows attackers to execute system commands via the "sambaUser" POST parameter. network low complexity totolink CWE-78 critical	9.8
2018-11-26	CVE-2018-13310	Cross-site Scripting vulnerability in Totolink A3002Ru Firmware 1.0.8 Cross-site scripting in password.htm in TOTOLINK A3002RU version 1.0.8 allows attackers to execute arbitrary JavaScript via the user's username. network low complexity totolink CWE-79	6.1
2018-11-26	CVE-2018-13309	Cross-site Scripting vulnerability in Totolink A3002Ru Firmware 1.0.8 Cross-site scripting in password.htm in TOTOLINK A3002RU version 1.0.8 allows attackers to execute arbitrary JavaScript via the user's password. network low complexity totolink CWE-79	6.1
2018-11-26	CVE-2018-13308	Cross-site Scripting vulnerability in Totolink A3002Ru Firmware 1.0.8 Cross-site scripting in notice_gen.htm in TOTOLINK A3002RU version 1.0.8 allows attackers to execute arbitrary JavaScript by modifying the "User phrases button" field. network low complexity totolink CWE-79	6.1

Vulnerabilities > Totolink {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Totolink"}]}

Vulnerabilities > Totolink