Vulnerabilities > Totolink > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-05-10 | CVE-2022-29394 | Out-of-bounds Write vulnerability in Totolink N600R Firmware 4.3.0Cu.7647B20210106 TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the macAddress parameter in the function FUN_0041b448. | 10.0 |
| 2022-05-10 | CVE-2022-29395 | Out-of-bounds Write vulnerability in Totolink N600R Firmware 4.3.0Cu.7647B20210106 TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the apcliKey parameter in the function FUN_0041bac4. | 10.0 |
| 2022-05-10 | CVE-2022-29396 | Out-of-bounds Write vulnerability in Totolink N600R Firmware 4.3.0Cu.7647B20210106 TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the comment parameter in the function FUN_00418f10. | 10.0 |
| 2022-05-10 | CVE-2022-29397 | Out-of-bounds Write vulnerability in Totolink N600R Firmware 4.3.0Cu.7647B20210106 TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the comment parameter in the function FUN_004196c8. | 10.0 |
| 2022-05-10 | CVE-2022-29398 | Out-of-bounds Write vulnerability in Totolink N600R Firmware 4.3.0Cu.7647B20210106 TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the File parameter in the function FUN_0041309c. | 10.0 |
| 2022-05-10 | CVE-2022-29399 | Out-of-bounds Write vulnerability in Totolink N600R Firmware 4.3.0Cu.7647B20210106 TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the url parameter in the function FUN_00415bf0. | 10.0 |
| 2022-05-10 | CVE-2022-28905 | OS Command Injection vulnerability in Totolink N600R Firmware 5.3C.7159B20190425 TOTOLink N600R V5.3c.7159_B20190425 was discovered to contain a command injection vulnerability via the devicemac parameter in /setting/setDeviceName. | 9.8 |
| 2022-05-10 | CVE-2022-28906 | OS Command Injection vulnerability in Totolink N600R Firmware 5.3C.7159B20190425 TOTOLink N600R V5.3c.7159_B20190425 was discovered to contain a command injection vulnerability via the langtype parameter in /setting/setLanguageCfg. | 9.8 |
| 2022-05-10 | CVE-2022-28907 | OS Command Injection vulnerability in Totolink N600R Firmware 5.3C.7159B20190425 TOTOLink N600R V5.3c.7159_B20190425 was discovered to contain a command injection vulnerability via the hosttime function in /setting/NTPSyncWithHost. | 9.8 |
| 2022-05-10 | CVE-2022-28908 | OS Command Injection vulnerability in Totolink N600R Firmware 5.3C.7159B20190425 TOTOLink N600R V5.3c.7159_B20190425 was discovered to contain a command injection vulnerability via the ipdoamin parameter in /setting/setDiagnosisCfg. | 9.8 |