Vulnerabilities > Totolink > Critical

DATE CVE VULNERABILITY TITLE RISK
2024-01-16 CVE-2024-0572 Unspecified vulnerability in Totolink Lr1200Gb Firmware 9.1.0U.6619B20230130
A vulnerability, which was classified as critical, was found in Totolink LR1200GB 9.1.0u.6619_B20230130.
network
low complexity
totolink
critical
 9.8
9.8
2024-01-16 CVE-2024-0569 Missing Authorization vulnerability in Totolink T8 Firmware 4.1.5Cu.83320220905
A vulnerability classified as problematic has been found in Totolink T8 4.1.5cu.833_20220905.
network
low complexity
totolink CWE-862
critical
 9.1
9.1
2024-01-12 CVE-2023-52026 Unspecified vulnerability in Totolink Ex1800T Firmware 9.1.0Cu.2112B20220316
TOTOlink EX1800T V9.1.0cu.2112_B20220316 was discovered to contain a remote command execution (RCE) vulnerability via the telnet_enabled parameter of the setTelnetCfg interface
network
low complexity
totolink
critical
 9.8
9.8
2024-01-11 CVE-2024-22942 OS Command Injection vulnerability in Totolink A3300R Firmware 17.0.0Cu.557B20221024
TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection vulnerability via the hostName parameter in the setWanCfg function.
network
low complexity
totolink CWE-78
critical
 9.8
9.8
2024-01-11 CVE-2024-23057 OS Command Injection vulnerability in Totolink A3300R Firmware 17.0.0Cu.557B20221024
TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection vulnerability via the tz parameter in the setNtpCfg function.
network
low complexity
totolink CWE-78
critical
 9.8
9.8
2024-01-11 CVE-2024-23058 OS Command Injection vulnerability in Totolink A3300R Firmware 17.0.0Cu.557B20221024
TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection vulnerability via the pass parameter in the setTr069Cfg function.
network
low complexity
totolink CWE-78
critical
 9.8
9.8
2024-01-11 CVE-2024-23059 OS Command Injection vulnerability in Totolink A3300R Firmware 17.0.0Cu.557B20221024
TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection vulnerability via the username parameter in the setDdnsCfg function.
network
low complexity
totolink CWE-78
critical
 9.8
9.8
2024-01-11 CVE-2024-23060 OS Command Injection vulnerability in Totolink A3300R Firmware 17.0.0Cu.557B20221024
TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection vulnerability via the ip parameter in the setDmzCfg function.
network
low complexity
totolink CWE-78
critical
 9.8
9.8
2024-01-11 CVE-2024-23061 OS Command Injection vulnerability in Totolink A3300R Firmware 17.0.0Cu.557B20221024
TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection vulnerability via the minute parameter in the setScheduleCfg function.
network
low complexity
totolink CWE-78
critical
 9.8
9.8
2024-01-11 CVE-2023-52027 Command Injection vulnerability in Totolink A3700R Firmware 9.1.2U.5822B20200513
TOTOlink A3700R v9.1.2u.5822_B20200513 was discovered to contain a remote command execution (RCE) vulnerability via the NTPSyncWithHost function.
network
low complexity
totolink CWE-77
critical
 9.8
9.8