Filtered by vendor Totolink
Subscriptions
Filtered by product Lr350
Subscriptions
Total
29 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-63467 | 1 Totolink | 1 Lr350 | 2025-11-03 | 7.5 High |
| Totolink LR350 v9.3.5u.6369_B20220309 was discovered to contain a stack overflow via the ssid parameter in the sub_425400 function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. | ||||
| CVE-2025-63466 | 1 Totolink | 1 Lr350 | 2025-11-03 | 7.5 High |
| Totolink LR350 v9.3.5u.6369_B20220309 was discovered to contain a stack overflow via the password parameter in the sub_426EF8 function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. | ||||
| CVE-2025-63463 | 1 Totolink | 1 Lr350 | 2025-11-03 | 7.5 High |
| Totolink LR350 v9.3.5u.6369_B20220309 was discovered to contain a stack overflow via the wifiOff parameter in the sub_4232EC function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. | ||||
| CVE-2025-63468 | 1 Totolink | 1 Lr350 | 2025-11-03 | 7.5 High |
| Totolink LR350 v9.3.5u.6369_B20220309 was discovered to contain a stack overflow via the http_host parameter in the sub_426EF8 function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. | ||||
| CVE-2025-63465 | 1 Totolink | 1 Lr350 | 2025-11-03 | 7.5 High |
| Totolink LR350 v9.3.5u.6369_B20220309 was discovered to contain a stack overflow via the ssid parameter in the sub_422880 function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. | ||||
| CVE-2025-63464 | 1 Totolink | 1 Lr350 | 2025-11-03 | 7.5 High |
| Totolink LR350 v9.3.5u.6369_B20220309 was discovered to contain a stack overflow via the ssid parameter in the sub_42396C function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. | ||||
| CVE-2025-63469 | 1 Totolink | 1 Lr350 | 2025-11-03 | 7.5 High |
| Totolink LR350 v9.3.5u.6369_B20220309 was discovered to contain a stack overflow via the ssid parameter in the sub_421BAC function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. | ||||
| CVE-2024-35099 | 1 Totolink | 2 Lr350, Lr350 Firmware | 2025-05-05 | 9.8 Critical |
| TOTOLINK LR350 V9.3.5u.6698_B20230810 was discovered to contain a stack overflow via the password parameter in the function loginAuth. | ||||
| CVE-2022-44252 | 1 Totolink | 2 Lr350, Lr350 Firmware | 2025-04-25 | 9.8 Critical |
| TOTOLINK NR1800X V9.1.0u.6279_B20210910 contains a command injection via the FileName parameter in the setUploadSetting function. | ||||
| CVE-2022-44251 | 1 Totolink | 2 Lr350, Lr350 Firmware | 2025-04-25 | 9.8 Critical |
| TOTOLINK NR1800X V9.1.0u.6279_B20210910 contains a command injection via the ussd parameter in the setUssd function. | ||||
| CVE-2022-44250 | 1 Totolink | 2 Lr350, Lr350 Firmware | 2025-04-25 | 9.8 Critical |
| TOTOLINK NR1800X V9.1.0u.6279_B20210910 contains a command injection via the hostName parameter in the setOpModeCfg function. | ||||
| CVE-2022-44249 | 1 Totolink | 2 Lr350, Lr350 Firmware | 2025-04-25 | 9.8 Critical |
| TOTOLINK NR1800X V9.1.0u.6279_B20210910 contains a command injection via the FileName parameter in the UploadFirmwareFile function. | ||||
| CVE-2022-44260 | 1 Totolink | 2 Lr350, Lr350 Firmware | 2025-04-25 | 8.8 High |
| TOTOLINK LR350 V9.3.5u.6369_B20220309 contains a post-authentication buffer overflow via parameter sPort/ePort in the setIpPortFilterRules function. | ||||
| CVE-2022-44259 | 1 Totolink | 2 Lr350, Lr350 Firmware | 2025-04-25 | 8.8 High |
| TOTOLINK LR350 V9.3.5u.6369_B20220309 contains a post-authentication buffer overflow via parameter week, sTime, and eTime in the setParentalRules function. | ||||
| CVE-2022-44258 | 1 Totolink | 2 Lr350, Lr350 Firmware | 2025-04-25 | 8.8 High |
| TOTOLINK LR350 V9.3.5u.6369_B20220309 contains a post-authentication buffer overflow via parameter command in the setTracerouteCfg function. | ||||
| CVE-2022-44257 | 1 Totolink | 2 Lr350, Lr350 Firmware | 2025-04-25 | 8.8 High |
| TOTOLINK LR350 V9.3.5u.6369_B20220309 contains a post-authentication buffer overflow via parameter pppoeUser in the setOpModeCfg function. | ||||
| CVE-2022-44255 | 1 Totolink | 2 Lr350, Lr350 Firmware | 2025-04-25 | 9.8 Critical |
| TOTOLINK LR350 V9.3.5u.6369_B20220309 contains a pre-authentication buffer overflow in the main function via long post data. | ||||
| CVE-2022-44254 | 1 Totolink | 2 Lr350, Lr350 Firmware | 2025-04-25 | 8.8 High |
| TOTOLINK LR350 V9.3.5u.6369_B20220309 contains a post-authentication buffer overflow via parameter text in the setSmsCfg function. | ||||
| CVE-2022-44253 | 1 Totolink | 2 Lr350, Lr350 Firmware | 2025-04-25 | 8.8 High |
| TOTOLINK LR350 V9.3.5u.6369_B20220309 contains a post-authentication buffer overflow via parameter ip in the setDiagnosisCfg function. | ||||
| CVE-2024-35387 | 1 Totolink | 2 Lr350, Lr350 Firmware | 2025-04-04 | 9.8 Critical |
| TOTOLINK LR350 V9.3.5u.6369_B20220309 was discovered to contain a stack overflow via the http_host parameter in the function loginAuth. | ||||