High

DATE	CVE	VULNERABILITY TITLE	RISK
2022-06-02	CVE-2021-42877	Unspecified vulnerability in Totolink Ex1200T Firmware 4.1.2Cu.5215 TOTOLINK EX1200T V4.1.2cu.5215 contains a denial of service vulnerability in function RebootSystem of the file lib/cste_modules/system which can reboot the system. network low complexity totolink	7.5
2022-05-24	CVE-2022-29377	Out-of-bounds Write vulnerability in Totolink A3600R Firmware 4.1.2Cu.5182B20201102 Totolink A3600R V4.1.2cu.5182_B20201102 was discovered to contain a stacker overflow in the fread function at infostat.cgi. network low complexity totolink CWE-787	7.5
2022-05-18	CVE-2022-29638	Out-of-bounds Write vulnerability in Totolink A3100R Firmware 4.1.2Cu.5050B20200504/4.1.2Cu.5247B20211129 TOTOLINK A3100R V4.1.2cu.5050_B20200504 and V4.1.2cu.5247_B20211129 were discovered to contain a stack overflow via the comment parameter in the function setIpQosRules. network low complexity totolink CWE-787	7.5
2022-05-18	CVE-2022-29639	Unspecified vulnerability in Totolink A3100R Firmware 4.1.2Cu.5050B20200504/4.1.2Cu.5247B20211129 TOTOLINK A3100R V4.1.2cu.5050_B20200504 and V4.1.2cu.5247_B20211129 were discovered to contain a command injection vulnerability via the magicid parameter in the function uci_cloudupdate_config. network high complexity totolink	8.1
2022-05-18	CVE-2022-29640	Out-of-bounds Write vulnerability in Totolink A3100R Firmware 4.1.2Cu.5050B20200504/4.1.2Cu.5247B20211129 TOTOLINK A3100R V4.1.2cu.5050_B20200504 and V4.1.2cu.5247_B20211129 were discovered to contain a stack overflow via the comment parameter in the function setPortForwardRules. network low complexity totolink CWE-787	7.5
2022-05-18	CVE-2022-29641	Out-of-bounds Write vulnerability in Totolink A3100R Firmware 4.1.2Cu.5050B20200504/4.1.2Cu.5247B20211129 TOTOLINK A3100R V4.1.2cu.5050_B20200504 and V4.1.2cu.5247_B20211129 were discovered to contain a stack overflow via the startTime and endTime parameters in the function setParentalRules. network low complexity totolink CWE-787	7.5
2022-05-18	CVE-2022-29642	Out-of-bounds Write vulnerability in Totolink A3100R Firmware 4.1.2Cu.5050B20200504/4.1.2Cu.5247B20211129 TOTOLINK A3100R V4.1.2cu.5050_B20200504 and V4.1.2cu.5247_B20211129 were discovered to contain a stack overflow via the url parameter in the function setUrlFilterRules. network low complexity totolink CWE-787	7.5
2022-05-18	CVE-2022-29643	Out-of-bounds Write vulnerability in Totolink A3100R Firmware 4.1.2Cu.5050B20200504/4.1.2Cu.5247B20211129 TOTOLINK A3100R V4.1.2cu.5050_B20200504 and V4.1.2cu.5247_B20211129 were discovered to contain a stack overflow via the macAddress parameter in the function setMacQos. network low complexity totolink CWE-787	7.5
2022-03-31	CVE-2021-43663	Command Injection vulnerability in Totolink Ex300 V2 Firmware 4.0.3C.140B20210429 totolink EX300_v2 V4.0.3c.140_B20210429 was discovered to contain a command injection vulnerability via the component cloudupdate_check. high complexity totolink CWE-77	7.5
2022-03-30	CVE-2021-43664	Command Injection vulnerability in Totolink Ex300 V2 Firmware 4.0.3C.140B20210429 totolink EX300_v2 V4.0.3c.140_B20210429 was discovered to contain a command injection vulnerability via the component process forceugpo. network high complexity totolink CWE-77	8.1