Vulnerabilities > Totolink > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-11-26 | CVE-2018-13311 | OS Command Injection vulnerability in Totolink A3002Ru Firmware 1.0.8 System command injection in formDlna in TOTOLINK A3002RU version 1.0.8 allows attackers to execute system commands via the "sambaUser" POST parameter. | 10.0 |
| 2017-07-17 | CVE-2017-1000020 | Improper Authentication vulnerability in Ecos Embedded web Servers SYN Flood or FIN Flood attack in ECos 1 and other versions embedded devices results in web Authentication Bypass. | 10.0 |