Vulnerabilities > Totolink > Critical

DATE CVE VULNERABILITY TITLE RISK
2022-03-15 CVE-2022-27003 OS Command Injection vulnerability in Totolink A7000R Firmware and X5000R Firmware
Totolink routers s X5000R V9.1.0u.6118_B20201102 and A7000R V9.1.0u.6115_B20201022 were discovered to contain a command injection vulnerability in the Tunnel 6rd function via the relay6rd parameter.
network
low complexity
totolink CWE-78
critical
 9.8
9.8
2022-03-15 CVE-2022-27004 OS Command Injection vulnerability in Totolink A7000R Firmware and X5000R Firmware
Totolink routers s X5000R V9.1.0u.6118_B20201102 and A7000R V9.1.0u.6115_B20201022 were discovered to contain a command injection vulnerability in the Tunnel 6in4 function via the remote6in4 parameter.
network
low complexity
totolink CWE-78
critical
 9.8
9.8
2022-03-15 CVE-2022-27005 OS Command Injection vulnerability in Totolink A7000R Firmware and X5000R Firmware
Totolink routers s X5000R V9.1.0u.6118_B20201102 and A7000R V9.1.0u.6115_B20201022 were discovered to contain a command injection vulnerability in the setWanCfg function via the hostName parameter.
network
low complexity
totolink CWE-78
critical
 9.8
9.8
2022-02-24 CVE-2022-25075 OS Command Injection vulnerability in Totolink A3000Ru Firmware V5.9C.2280B20180512
TOTOLink A3000RU V5.9c.2280_B20180512 was discovered to contain a command injection vulnerability in the "Main" function.
network
low complexity
totolink CWE-78
critical
 9.8
9.8
2022-02-24 CVE-2022-25076 OS Command Injection vulnerability in Totolink A800R Firmware V4.1.2Cu.5137B20200730
TOTOLink A800R V4.1.2cu.5137_B20200730 was discovered to contain a command injection vulnerability in the "Main" function.
network
low complexity
totolink CWE-78
critical
 9.8
9.8
2022-02-24 CVE-2022-25077 OS Command Injection vulnerability in Totolink A3100R Firmware 4.1.2Cu.5050B20200504
TOTOLink A3100R V4.1.2cu.5050_B20200504 was discovered to contain a command injection vulnerability in the "Main" function.
network
low complexity
totolink CWE-78
critical
 9.8
9.8
2022-02-24 CVE-2022-25078 OS Command Injection vulnerability in Totolink A3600R Firmware 4.1.2Cu.5182B20201102
TOTOLink A3600R V4.1.2cu.5182_B20201102 was discovered to contain a command injection vulnerability in the "Main" function.
network
low complexity
totolink CWE-78
critical
 9.8
9.8
2022-02-24 CVE-2022-25079 OS Command Injection vulnerability in Totolink A810R Firmware 4.1.2Cu.5182B20201026
TOTOLink A810R V4.1.2cu.5182_B20201026 was discovered to contain a command injection vulnerability in the "Main" function.
network
low complexity
totolink CWE-78
critical
 9.8
9.8
2022-02-24 CVE-2022-25080 OS Command Injection vulnerability in Totolink A830R Firmware 5.9C.4729B20191112
TOTOLink A830R V5.9c.4729_B20191112 was discovered to contain a command injection vulnerability in the "Main" function.
network
low complexity
totolink CWE-78
critical
 9.8
9.8
2022-02-24 CVE-2022-25081 OS Command Injection vulnerability in Totolink T10 V2 Firmware 5.9C.5061B20200511
TOTOLink T10 V5.9c.5061_B20200511 was discovered to contain a command injection vulnerability in the "Main" function.
network
low complexity
totolink CWE-78
critical
 9.8
9.8