Vulnerabilities > Totolink
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-07-28 | CVE-2024-7157 | Classic Buffer Overflow vulnerability in Totolink A3100R Firmware 4.1.2Cu.5050B20200504 A vulnerability was found in TOTOLINK A3100R 4.1.2cu.5050_B20200504. | 8.8 |
| 2024-07-28 | CVE-2024-7154 | Missing Authentication for Critical Function vulnerability in Totolink A3700R Firmware 9.1.2U.5822B20200513 A vulnerability, which was classified as problematic, was found in TOTOLINK A3700R 9.1.2u.5822_B20200513. | 7.5 |
| 2024-07-28 | CVE-2024-7155 | Use of Hard-coded Credentials vulnerability in Totolink A3300R Firmware 17.0.0Cu.557B20221024 A vulnerability has been found in TOTOLINK A3300R 17.0.0cu.557_B20221024 and classified as problematic. | 4.7 |
| 2024-07-23 | CVE-2024-41319 | Command Injection vulnerability in Totolink A6000R Firmware 1.0.1B20201211.2000 TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection vulnerability via the cmd parameter in the webcmd function. | 9.8 |
| 2024-06-13 | CVE-2024-37632 | Classic Buffer Overflow vulnerability in Totolink A3700R Firmware 9.1.2U.616520211012 TOTOLINK A3700R V9.1.2u.6165_20211012 was discovered to contain a stack overflow via the password parameter in function loginAuth . | 9.8 |
| 2024-06-13 | CVE-2024-37635 | Classic Buffer Overflow vulnerability in Totolink A3700R Firmware 9.1.2U.616520211012 TOTOLINK A3700R V9.1.2u.6165_20211012 was discovered to contain a stack overflow via ssid in the function setWiFiBasicCfg | 9.8 |
| 2024-02-20 | CVE-2024-1661 | Use of Hard-coded Credentials vulnerability in Totolink X6000R Firmware 9.4.0Cu.852B20230719 A vulnerability classified as problematic was found in Totolink X6000R 9.4.0cu.852_B20230719. | 5.5 |
| 2024-01-30 | CVE-2024-24324 | Use of Hard-coded Credentials vulnerability in Totolink A8000Ru Firmware 7.1Cu.643B20200521 TOTOLINK A8000RU v7.1cu.643_B20200521 was discovered to contain a hardcoded password for root stored in /etc/shadow. | 9.8 |
| 2024-01-30 | CVE-2024-24325 | OS Command Injection vulnerability in Totolink A3300R Firmware 17.0.0Cu.557B20221024 TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection vulnerability via the enable parameter in the setParentalRules function. | 9.8 |
| 2024-01-30 | CVE-2024-24326 | OS Command Injection vulnerability in Totolink A3300R Firmware 17.0.0Cu.557B20221024 TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection vulnerability via the arpEnable parameter in the setStaticDhcpRules function. | 9.8 |