Vulnerabilities > Totolink > Critical

DATE CVE VULNERABILITY TITLE RISK
2024-01-11 CVE-2024-22942 OS Command Injection vulnerability in Totolink A3300R Firmware 17.0.0Cu.557B20221024
TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection vulnerability via the hostName parameter in the setWanCfg function.
network
low complexity
totolink CWE-78
critical
 9.8
9.8
2024-01-11 CVE-2024-23057 OS Command Injection vulnerability in Totolink A3300R Firmware 17.0.0Cu.557B20221024
TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection vulnerability via the tz parameter in the setNtpCfg function.
network
low complexity
totolink CWE-78
critical
 9.8
9.8
2024-01-11 CVE-2024-23058 OS Command Injection vulnerability in Totolink A3300R Firmware 17.0.0Cu.557B20221024
TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection vulnerability via the pass parameter in the setTr069Cfg function.
network
low complexity
totolink CWE-78
critical
 9.8
9.8
2024-01-11 CVE-2024-23059 OS Command Injection vulnerability in Totolink A3300R Firmware 17.0.0Cu.557B20221024
TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection vulnerability via the username parameter in the setDdnsCfg function.
network
low complexity
totolink CWE-78
critical
 9.8
9.8
2024-01-11 CVE-2024-23060 OS Command Injection vulnerability in Totolink A3300R Firmware 17.0.0Cu.557B20221024
TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection vulnerability via the ip parameter in the setDmzCfg function.
network
low complexity
totolink CWE-78
critical
 9.8
9.8
2024-01-11 CVE-2024-23061 OS Command Injection vulnerability in Totolink A3300R Firmware 17.0.0Cu.557B20221024
TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection vulnerability via the minute parameter in the setScheduleCfg function.
network
low complexity
totolink CWE-78
critical
 9.8
9.8
2024-01-11 CVE-2023-52027 Command Injection vulnerability in Totolink A3700R Firmware 9.1.2U.5822B20200513
TOTOlink A3700R v9.1.2u.5822_B20200513 was discovered to contain a remote command execution (RCE) vulnerability via the NTPSyncWithHost function.
network
low complexity
totolink CWE-77
critical
 9.8
9.8
2024-01-11 CVE-2023-52028 Unspecified vulnerability in Totolink A3700R Firmware 9.1.2U.5822B20200513
TOTOlink A3700R v9.1.2u.5822_B20200513 was discovered to contain a remote command execution (RCE) vulnerability via the setTracerouteCfg function.
network
low complexity
totolink
critical
 9.8
9.8
2024-01-11 CVE-2023-52029 Unspecified vulnerability in Totolink A3700R Firmware 9.1.2U.5822B20200513
TOTOlink A3700R v9.1.2u.5822_B20200513 was discovered to contain a remote command execution (RCE) vulnerability via the setDiagnosisCfg function.
network
low complexity
totolink
critical
 9.8
9.8
2024-01-11 CVE-2023-52030 Unspecified vulnerability in Totolink A3700R Firmware 9.1.2U.5822B20200513
TOTOlink A3700R v9.1.2u.5822_B20200513 was discovered to contain a remote command execution (RCE) vulnerability via the setOpModeCfg function.
network
low complexity
totolink
critical
 9.8
9.8