Vulnerabilities (CVE)

Total 194180 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-37076 1 Totolink 2 A7000r, A7000r Firmware 2022-08-26 N/A 7.8 HIGH
TOTOLINK A7000R V9.1.0u.6115_B20201022 was discovered to contain a command injection vulnerability via the FileName parameter in the function UploadFirmwareFile.
CVE-2022-36458 1 Totolink 2 A3700r, A3700r Firmware 2022-08-26 N/A 7.8 HIGH
TOTOLINK A3700R V9.1.2u.6134_B20201202 was discovered to contain a command injection vulnerability via the command parameter in the function setTracerouteCfg.
CVE-2022-36459 1 Totolink 2 A3700r, A3700r Firmware 2022-08-26 N/A 7.8 HIGH
TOTOLINK A3700R V9.1.2u.6134_B20201202 was discovered to contain a command injection vulnerability via the host_time parameter in the function NTPSyncWithHost.
CVE-2022-36460 1 Totolink 2 A3700r, A3700r Firmware 2022-08-26 N/A 7.8 HIGH
TOTOLINK A3700R V9.1.2u.6134_B20201202 was discovered to contain a command injection vulnerability via the FileName parameter in the function UploadFirmwareFile.
CVE-2022-36461 1 Totolink 2 A3700r, A3700r Firmware 2022-08-26 N/A 7.8 HIGH
TOTOLINK A3700R V9.1.2u.6134_B20201202 was discovered to contain a command injection vulnerability via the hostName parameter in the function setOpModeCfg.
CVE-2022-36462 1 Totolink 2 A3700r, A3700r Firmware 2022-08-26 N/A 7.8 HIGH
TOTOLINK A3700R V9.1.2u.6134_B20201202 was discovered to contain a stack overflow via the lang parameter in the function setLanguageCfg.
CVE-2022-36487 1 Totolink 2 N350rt, N350rt Firmware 2022-08-26 N/A 7.8 HIGH
TOTOLINK N350RT V9.3.5u.6139_B20201216 was discovered to contain a command injection vulnerability via the command parameter in the function setTracerouteCfg.
CVE-2022-37075 1 Totolink 2 A7000r, A7000r Firmware 2022-08-26 N/A 7.8 HIGH
TOTOLink A7000R V9.1.0u.6115_B20201022 was discovered to contain a stack overflow via the ip parameter in the function setDiagnosisCfg.
CVE-2022-36465 1 Totolink 2 A3700r, A3700r Firmware 2022-08-26 N/A 7.8 HIGH
TOTOLINK A3700R V9.1.2u.6134_B20201202 was discovered to contain a stack overflow via the pppoeUser parameter.
CVE-2022-36466 1 Totolink 2 A3700r, A3700r Firmware 2022-08-26 N/A 7.8 HIGH
TOTOLINK A3700R V9.1.2u.6134_B20201202 was discovered to contain a stack overflow via the ip parameter in the function setDiagnosisCfg.
CVE-2022-36479 1 Totolink 2 N350rt, N350rt Firmware 2022-08-26 N/A 7.8 HIGH
TOTOLINK N350RT V9.3.5u.6139_B20201216 was discovered to contain a command injection vulnerability via the host_time parameter in the function NTPSyncWithHost.
CVE-2022-36482 1 Totolink 2 N350rt, N350rt Firmware 2022-08-26 N/A 7.8 HIGH
TOTOLINK N350RT V9.3.5u.6139_B20201216 was discovered to contain a command injection vulnerability via the lang parameter in the function setLanguageCfg.
CVE-2022-36484 1 Totolink 2 N350rt, N350rt Firmware 2022-08-26 N/A 7.8 HIGH
TOTOLINK N350RT V9.3.5u.6139_B20201216 was discovered to contain a stack overflow via the function setDiagnosisCfg.
CVE-2022-36485 1 Totolink 2 N350rt, N350rt Firmware 2022-08-26 N/A 7.8 HIGH
TOTOLINK N350RT V9.3.5u.6139_B20201216 was discovered to contain a command injection vulnerability via the hostName parameter in the function setOpModeCfg.
CVE-2022-36486 1 Totolink 2 N350rt, N350rt Firmware 2022-08-26 N/A 7.8 HIGH
TOTOLINK N350RT V9.3.5u.6139_B20201216 was discovered to contain a command injection vulnerability via the FileName parameter in the function UploadFirmwareFile.
CVE-2022-36463 1 Totolink 2 A3700r, A3700r Firmware 2022-08-26 N/A 7.8 HIGH
TOTOLINK A3700R V9.1.2u.6134_B20201202 was discovered to contain a stack overflow via the command parameter in the function setTracerouteCfg.
CVE-2022-36480 1 Totolink 2 N350rt, N350rt Firmware 2022-08-26 N/A 7.8 HIGH
TOTOLINK N350RT V9.3.5u.6139_B20201216 was discovered to contain a stack overflow via the command parameter in the function setTracerouteCfg.
CVE-2022-36481 1 Totolink 2 N350rt, N350rt Firmware 2022-08-26 N/A 7.8 HIGH
TOTOLINK N350RT V9.3.5u.6139_B20201216 was discovered to contain a command injection vulnerability via the ip parameter in the function setDiagnosisCfg.
CVE-2022-36456 1 Totolink 2 A720r, A720r Firmware 2022-08-26 N/A 7.8 HIGH
TOTOLink A720R V4.1.5cu.532_B20210610 was discovered to contain a command injection vulnerability via the username parameter in /cstecgi.cgi.
CVE-2022-36464 1 Totolink 2 A3700r, A3700r Firmware 2022-08-26 N/A 7.8 HIGH
TOTOLINK A3700R V9.1.2u.6134_B20201202 was discovered to contain a stack overflow via the sPort parameter in the function setIpPortFilterRules.