Totolink CVEs and Security Vulnerabilities

Filtered by vendor Totolink Subscriptions

Search

Switch to Advanced Search (Beta)

Total 788 CVE

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2024-28640	1 Totolink	2 A7000r Firmware, X5000r Firmware	2024-11-21	7.5 High
Buffer Overflow vulnerability in TOTOLink X5000R V9.1.0u.6118-B20201102 and A7000R V9.1.0u.6115-B20201022 allows a remote attacker to cause a denial of service (D0S) via the command field.
CVE-2024-24333	1 Totolink	2 A3300r, A3300r Firmware	2024-11-21	9.8 Critical
TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection vulnerability via the desc parameter in the setWiFiAclRules function.
CVE-2024-24332	1 Totolink	2 A3300r, A3300r Firmware	2024-11-21	9.8 Critical
TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection vulnerability via the url parameter in the setUrlFilterRules function.
CVE-2024-24331	1 Totolink	2 A3300r, A3300r Firmware	2024-11-21	9.8 Critical
TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection vulnerability via the enable parameter in the setWiFiScheduleCfg function.
CVE-2024-24330	1 Totolink	2 A3300r, A3300r Firmware	2024-11-21	9.8 Critical
TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection vulnerability via the port or enable parameter in the setRemoteCfg function.
CVE-2024-24329	1 Totolink	2 A3300r, A3300r Firmware	2024-11-21	9.8 Critical
TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection vulnerability via the enable parameter in the setPortForwardRules function.
CVE-2024-24328	1 Totolink	2 A3300r, A3300r Firmware	2024-11-21	9.8 Critical
TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection vulnerability via the enable parameter in the setMacFilterRules function.
CVE-2024-24327	1 Totolink	2 A3300r, A3300r Firmware	2024-11-21	9.8 Critical
TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection vulnerability via the pppoePass parameter in the setIpv6Cfg function.
CVE-2024-24326	1 Totolink	2 A3300r, A3300r Firmware	2024-11-21	9.8 Critical
TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection vulnerability via the arpEnable parameter in the setStaticDhcpRules function.
CVE-2024-24325	1 Totolink	2 A3300r, A3300r Firmware	2024-11-21	9.8 Critical
TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection vulnerability via the enable parameter in the setParentalRules function.
CVE-2024-24324	1 Totolink	2 A8000ru, A8000ru Firmware	2024-11-21	9.8 Critical
TOTOLINK A8000RU v7.1cu.643_B20200521 was discovered to contain a hardcoded password for root stored in /etc/shadow.
CVE-2024-23061	1 Totolink	2 A3300r, A3300r Firmware	2024-11-21	9.8 Critical
TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection vulnerability via the minute parameter in the setScheduleCfg function.
CVE-2024-23060	1 Totolink	2 A3300r, A3300r Firmware	2024-11-21	9.8 Critical
TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection vulnerability via the ip parameter in the setDmzCfg function.
CVE-2024-23059	1 Totolink	2 A3300r, A3300r Firmware	2024-11-21	9.8 Critical
TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection vulnerability via the username parameter in the setDdnsCfg function.
CVE-2024-23058	1 Totolink	2 A3300r, A3300r Firmware	2024-11-21	9.8 Critical
TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection vulnerability via the pass parameter in the setTr069Cfg function.
CVE-2024-23057	1 Totolink	2 A3300r, A3300r Firmware	2024-11-21	9.8 Critical
TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection vulnerability via the tz parameter in the setNtpCfg function.
CVE-2024-22942	1 Totolink	2 A3300r, A3300r Firmware	2024-11-21	9.8 Critical
TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection vulnerability via the hostName parameter in the setWanCfg function.
CVE-2024-22663	1 Totolink	2 A3700r, A3700r Firmware	2024-11-21	9.8 Critical
TOTOLINK_A3700R_V9.1.2u.6165_20211012has a command Injection vulnerability via setOpModeCfg
CVE-2024-22662	1 Totolink	2 A3700r, A3700r Firmware	2024-11-21	9.8 Critical
TOTOLINK A3700R_V9.1.2u.6165_20211012 has a stack overflow vulnerability via setParentalRules
CVE-2024-22660	1 Totolink	2 A3700r, A3700r Firmware	2024-11-21	9.8 Critical
TOTOLINK_A3700R_V9.1.2u.6165_20211012has a stack overflow vulnerability via setLanguageCfg

« first previous Page 17 of 40. next last »