Vulnerabilities > Totolink > High

DATE CVE VULNERABILITY TITLE RISK
2022-07-01 CVE-2022-32048 Out-of-bounds Write vulnerability in Totolink T6 Firmware 4.1.9Cu.5179B20201015
TOTOLINK T6 V4.1.9cu.5179_B20201015 was discovered to contain a stack overflow via the command parameter in the function FUN_0041cc88.
network
low complexity
totolink CWE-787
7.5
7.5
2022-07-01 CVE-2022-32049 Out-of-bounds Write vulnerability in Totolink T6 Firmware 4.1.9Cu.5179B20201015
TOTOLINK T6 V4.1.9cu.5179_B20201015 was discovered to contain a stack overflow via the url parameter in the function FUN_00418540.
network
low complexity
totolink CWE-787
7.5
7.5
2022-07-01 CVE-2022-32050 Out-of-bounds Write vulnerability in Totolink T6 Firmware 4.1.9Cu.5179B20201015
TOTOLINK T6 V4.1.9cu.5179_B20201015 was discovered to contain a stack overflow via the cloneMac parameter in the function FUN_0041af40.
network
low complexity
totolink CWE-787
7.5
7.5
2022-07-01 CVE-2022-32051 Out-of-bounds Write vulnerability in Totolink T6 Firmware 4.1.9Cu.5179B20201015
TOTOLINK T6 V4.1.9cu.5179_B20201015 was discovered to contain a stack overflow via the desc, week, sTime, eTime parameters in the function FUN_004133c4.
network
low complexity
totolink CWE-787
7.5
7.5
2022-07-01 CVE-2022-32052 Out-of-bounds Write vulnerability in Totolink T6 Firmware 4.1.9Cu.5179B20201015
TOTOLINK T6 V4.1.9cu.5179_B20201015 was discovered to contain a stack overflow via the desc parameter in the function FUN_004137a4.
network
low complexity
totolink CWE-787
7.5
7.5
2022-07-01 CVE-2022-32053 Out-of-bounds Write vulnerability in Totolink T6 Firmware 4.1.9Cu.5179B20201015
TOTOLINK T6 V4.1.9cu.5179_B20201015 was discovered to contain a stack overflow via the cloneMac parameter in the function FUN_0041621c.
network
low complexity
totolink CWE-787
7.5
7.5
2022-06-03 CVE-2021-42893 Missing Authentication for Critical Function vulnerability in Totolink Ex1200T Firmware 4.1.2Cu.5215
In TOTOLINK EX1200T V4.1.2cu.5215, an attacker can obtain sensitive information (wifikey, etc.) without authorization through getSysStatusCfg.
network
low complexity
totolink CWE-306
7.5
7.5
2022-06-03 CVE-2021-42891 Missing Authentication for Critical Function vulnerability in Totolink Ex1200T Firmware 4.1.2Cu.5215
In TOTOLINK EX1200T V4.1.2cu.5215, an attacker can obtain sensitive information (wifikey, etc.) without authorization.
network
low complexity
totolink CWE-306
7.5
7.5
2022-06-03 CVE-2021-42889 Missing Authentication for Critical Function vulnerability in Totolink Ex1200T Firmware 4.1.2Cu.5215
In TOTOLINK EX1200T V4.1.2cu.5215, an attacker can obtain sensitive information (wifikey, wifiname, etc.) without authorization.
network
low complexity
totolink CWE-306
7.5
7.5
2022-06-03 CVE-2021-42886 Information Exposure vulnerability in Totolink Ex1200T Firmware 4.1.2Cu.5215
TOTOLINK EX1200T V4.1.2cu.5215 contains an information disclosure vulnerability where an attacker can get the apmib configuration file without authorization, and usernames and passwords can be found in the decoded file.
network
low complexity
totolink CWE-200
7.5
7.5