Vulnerabilities > Totolink > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-12-25 | CVE-2023-7095 | Classic Buffer Overflow vulnerability in Totolink A7100Ru Firmware 7.4Cu.2313B20191024 A vulnerability, which was classified as critical, has been found in Totolink A7100RU 7.4cu.2313_B20191024. | 9.8 |
| 2023-12-22 | CVE-2023-50147 | OS Command Injection vulnerability in Totolink A3700R Firmware 9.1.2U.5822B20200513 There is an arbitrary command execution vulnerability in the setDiagnosisCfg function of the cstecgi .cgi of the TOTOlink A3700R router device in its firmware version V9.1.2u.5822_B20200513. | 9.8 |
| 2023-12-22 | CVE-2023-51011 | Unspecified vulnerability in Totolink Ex1800T Firmware 9.1.0Cu.2112B20220316 TOTOlink EX1800T v9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command execution in the lanPriDns parameter’ of the setLanConfig interface of the cstecgi .cgi | 9.8 |
| 2023-12-22 | CVE-2023-51012 | Unspecified vulnerability in Totolink Ex1800T Firmware 9.1.0Cu.2112B20220316 TOTOlink EX1800T v9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command execution in the lanGateway parameter’ of the setLanConfig interface of the cstecgi .cgi. | 9.8 |
| 2023-12-22 | CVE-2023-51013 | Unspecified vulnerability in Totolink Ex1800T Firmware 9.1.0Cu.2112B20220316 TOTOlink EX1800T v9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command execution in the lanNetmask parameter’ of the setLanConfig interface of the cstecgi .cgi. | 9.8 |
| 2023-12-22 | CVE-2023-51014 | Unspecified vulnerability in Totolink Ex1800T Firmware 9.1.0Cu.2112B20220316 TOTOLINK EX1800T V9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command execution in the lanSecDns parameter’ of the setLanConfig interface of the cstecgi .cgi | 9.8 |
| 2023-12-22 | CVE-2023-51015 | Unspecified vulnerability in Totolink Ex1800T Firmware 9.1.0Cu.2112B20220316 TOTOLINX EX1800T v9.1.0cu.2112_B20220316 is vulnerable to arbitrary command execution in the ‘enable parameter’ of the setDmzCfg interface of the cstecgi .cgi | 9.8 |
| 2023-12-22 | CVE-2023-51016 | Command Injection vulnerability in Totolink Ex1800T Firmware 9.1.0Cu.2112B20220316 TOTOlink EX1800T v9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command execution in the setRebootScheCfg interface of the cstecgi .cgi. | 9.8 |
| 2023-12-22 | CVE-2023-51017 | Unspecified vulnerability in Totolink Ex1800T Firmware 9.1.0Cu.2112B20220316 TOTOlink EX1800T v9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command execution in the lanIp parameter’ of the setLanConfig interface of the cstecgi .cgi. | 9.8 |
| 2023-12-22 | CVE-2023-51018 | Unspecified vulnerability in Totolink Ex1800T Firmware 9.1.0Cu.2112B20220316 TOTOlink EX1800T v9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command execution in the ‘opmode’ parameter of the setWiFiApConfig interface of the cstecgi .cgi. | 9.8 |