Vulnerabilities > Totolink > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-12-31 | CVE-2023-7187 | Unspecified vulnerability in Totolink N350Rt Firmware 9.3.5U.6139B20201216 A vulnerability was found in Totolink N350RT 9.3.5u.6139_B20201216. low complexity totolink | 8.8 |
2023-12-06 | CVE-2023-48859 | Incorrect Authorization vulnerability in Totolink A3002Ru Firmware 2.0.0B20190902.1958 TOTOLINK A3002RU version 2.0.0-B20190902.1958 has a post-authentication RCE due to incorrect access control, allows attackers to bypass front-end security restrictions and execute arbitrary code. | 8.8 |
2023-11-20 | CVE-2023-48192 | Code Injection vulnerability in Totolink A3700R Firmware 9.1.2U.6134B20201202 An issue in TOTOlink A3700R v.9.1.2u.6134_B20201202 allows a local attacker to execute arbitrary code via the setTracerouteCfg function. | 7.8 |
2023-10-31 | CVE-2023-46992 | Unspecified vulnerability in Totolink A3300R Firmware 17.0.0Cu.557B20221024 TOTOLINK A3300R V17.0.0cu.557_B20221024 is vulnerable to Incorrect Access Control. | 7.5 |
2023-10-31 | CVE-2023-46978 | Missing Authentication for Critical Function vulnerability in Totolink X6000R Firmware 9.4.0Cu.852B20230719 TOTOLINK X6000R V9.4.0cu.852_B20230719 is vulnerable to Incorrect Access Control.Attackers can reset login password & WIFI passwords without authentication. | 7.5 |
2023-10-16 | CVE-2023-45985 | Out-of-bounds Write vulnerability in Totolink A7000R Firmware and X5000R Firmware TOTOLINK X5000R V9.1.0u.6118_B20201102 and TOTOLINK A7000R V9.1.0u.6115_B20201022 were discovered to contain a stack overflow in the function setParentalRules. | 7.5 |
2023-09-04 | CVE-2023-4746 | Use of Externally-Controlled Format String vulnerability in Totolink N200Re-V5 Firmware 9.3.5U.6437B20230519 A vulnerability classified as critical has been found in TOTOLINK N200RE V5 9.3.5u.6437_B20230519. | 8.8 |
2023-07-17 | CVE-2023-34669 | Unspecified vulnerability in Totolink Cp300+ Firmware 5.2Cu.7594 TOTOLINK CP300+ V5.2cu.7594 contains a Denial of Service vulnerability in function RebootSystem of the file lib/cste_modules/system which can reboot the system. | 7.5 |
2023-05-31 | CVE-2023-33485 | Out-of-bounds Write vulnerability in Totolink X5000R Firmware 9.1.0U.6118B20201102/9.1.0U.6369B20230113 TOTOLINK X5000R V9.1.0u.6118_B20201102 and V9.1.0u.6369_B20230113 contains a post-authentication buffer overflow via parameter sPort/ePort in the addEffect function. | 8.8 |
2023-02-03 | CVE-2023-24147 | Use of Hard-coded Credentials vulnerability in Totolink Ca300-Poe Firmware 6.2C.884 TOTOLINK CA300-PoE V6.2c.884 was discovered to contain a hard code password for the telnet service which is stored in the component /etc/config/product.ini. | 7.5 |