Vulnerabilities > Totolink > Critical

DATE CVE VULNERABILITY TITLE RISK
2024-01-30 CVE-2024-24326 OS Command Injection vulnerability in Totolink A3300R Firmware 17.0.0Cu.557B20221024
TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection vulnerability via the arpEnable parameter in the setStaticDhcpRules function.
network
low complexity
totolink CWE-78
critical
 9.8
9.8
2024-01-30 CVE-2024-24327 OS Command Injection vulnerability in Totolink A3300R Firmware 17.0.0Cu.557B20221024
TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection vulnerability via the pppoePass parameter in the setIpv6Cfg function.
network
low complexity
totolink CWE-78
critical
 9.8
9.8
2024-01-30 CVE-2024-24328 OS Command Injection vulnerability in Totolink A3300R Firmware 17.0.0Cu.557B20221024
TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection vulnerability via the enable parameter in the setMacFilterRules function.
network
low complexity
totolink CWE-78
critical
 9.8
9.8
2024-01-30 CVE-2024-24329 OS Command Injection vulnerability in Totolink A3300R Firmware 17.0.0Cu.557B20221024
TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection vulnerability via the enable parameter in the setPortForwardRules function.
network
low complexity
totolink CWE-78
critical
 9.8
9.8
2024-01-30 CVE-2024-24330 OS Command Injection vulnerability in Totolink A3300R Firmware 17.0.0Cu.557B20221024
TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection vulnerability via the port or enable parameter in the setRemoteCfg function.
network
low complexity
totolink CWE-78
critical
 9.8
9.8
2024-01-30 CVE-2024-24331 OS Command Injection vulnerability in Totolink A3300R Firmware 17.0.0Cu.557B20221024
TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection vulnerability via the enable parameter in the setWiFiScheduleCfg function.
network
low complexity
totolink CWE-78
critical
 9.8
9.8
2024-01-30 CVE-2024-24332 OS Command Injection vulnerability in Totolink A3300R Firmware 17.0.0Cu.557B20221024
TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection vulnerability via the url parameter in the setUrlFilterRules function.
network
low complexity
totolink CWE-78
critical
 9.8
9.8
2024-01-30 CVE-2024-24333 OS Command Injection vulnerability in Totolink A3300R Firmware 17.0.0Cu.557B20221024
TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection vulnerability via the desc parameter in the setWiFiAclRules function.
network
low complexity
totolink CWE-78
critical
 9.8
9.8
2024-01-29 CVE-2024-1001 Stack-based Buffer Overflow vulnerability in Totolink N200Re Firmware 9.3.5U.6139B20201216
A vulnerability classified as critical has been found in Totolink N200RE 9.3.5u.6139_B20201216.
network
low complexity
totolink CWE-121
critical
 9.8
9.8
2024-01-25 CVE-2024-22529 Command Injection vulnerability in Totolink X2000R Firmware 2.0.0B20230727.10434
TOTOLINK X2000R_V2 V2.0.0-B20230727.10434 has a command injection vulnerability in the sub_449040 (handle function of formUploadFile) of /bin/boa.
network
low complexity
totolink CWE-77
critical
 9.8
9.8