Filtered by vendor Totolink
Subscriptions
Total
767 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-28034 | 1 Totolink | 12 A3000ru, A3000ru Firmware, A3100r and 9 more | 2025-04-29 | 9.8 Critical |
| TOTOLINK A800R V4.1.2cu.5137_B20200730, A810R V4.1.2cu.5182_B20201026, A830R V4.1.2cu.5182_B20201102, A950RG V4.1.2cu.5161_B20200903, A3000RU V5.9c.5185_B20201128, and A3100R V4.1.2cu.5247_B20211129 were found to contain a pre-auth remote command execution vulnerability in the NTPSyncWithHost function through the hostTime parameter. | ||||
| CVE-2025-28035 | 1 Totolink | 12 A3000ru, A3000ru Firmware, A3100r and 9 more | 2025-04-29 | 9.8 Critical |
| TOTOLINK A830R V4.1.2cu.5182_B20201102 was found to contain a pre-auth remote command execution vulnerability in the setNoticeCfg function through the NoticeUrl parameter. | ||||
| CVE-2025-28036 | 1 Totolink | 12 A3000ru, A3000ru Firmware, A3100r and 9 more | 2025-04-29 | 9.8 Critical |
| TOTOLINK A950RG V4.1.2cu.5161_B20200903 was found to contain a pre-auth remote command execution vulnerability in the setNoticeCfg function through the NoticeUrl parameter. | ||||
| CVE-2025-28037 | 1 Totolink | 4 A810r, A810r Firmware, A950rg and 1 more | 2025-04-29 | 9.8 Critical |
| TOTOLINK A810R V4.1.2cu.5182_B20201026 and A950RG V4.1.2cu.5161_B20200903 were found to contain a pre-auth remote command execution vulnerability in the setDiagnosisCfg function through the ipDomain parameter. | ||||
| CVE-2025-28038 | 1 Totolink | 2 Ex1200t, Ex1200t Firmware | 2025-04-29 | 9.8 Critical |
| TOTOLINK EX1200T V4.1.2cu.5232_B20210713 was found to contain a pre-auth remote command execution vulnerability in the setWebWlanIdx function through the webWlanIdx parameter. | ||||
| CVE-2025-28039 | 1 Totolink | 2 Ex1200t, Ex1200t Firmware | 2025-04-29 | 9.8 Critical |
| TOTOLINK EX1200T V4.1.2cu.5232_B20210713 was found to contain a pre-auth remote command execution vulnerability in the setUpgradeFW function through the FileName parameter. | ||||
| CVE-2022-44844 | 1 Totolink | 2 A7100ru, A7100ru Firmware | 2025-04-29 | 9.8 Critical |
| TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the pass parameter in the setting/setOpenVpnCfg function. | ||||
| CVE-2022-44843 | 1 Totolink | 2 A7100ru, A7100ru Firmware | 2025-04-29 | 9.8 Critical |
| TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the port parameter in the setting/setOpenVpnClientCfg function. | ||||
| CVE-2022-44252 | 1 Totolink | 2 Lr350, Lr350 Firmware | 2025-04-25 | 9.8 Critical |
| TOTOLINK NR1800X V9.1.0u.6279_B20210910 contains a command injection via the FileName parameter in the setUploadSetting function. | ||||
| CVE-2022-44251 | 1 Totolink | 2 Lr350, Lr350 Firmware | 2025-04-25 | 9.8 Critical |
| TOTOLINK NR1800X V9.1.0u.6279_B20210910 contains a command injection via the ussd parameter in the setUssd function. | ||||
| CVE-2022-44250 | 1 Totolink | 2 Lr350, Lr350 Firmware | 2025-04-25 | 9.8 Critical |
| TOTOLINK NR1800X V9.1.0u.6279_B20210910 contains a command injection via the hostName parameter in the setOpModeCfg function. | ||||
| CVE-2022-44249 | 1 Totolink | 2 Lr350, Lr350 Firmware | 2025-04-25 | 9.8 Critical |
| TOTOLINK NR1800X V9.1.0u.6279_B20210910 contains a command injection via the FileName parameter in the UploadFirmwareFile function. | ||||
| CVE-2022-44260 | 1 Totolink | 2 Lr350, Lr350 Firmware | 2025-04-25 | 8.8 High |
| TOTOLINK LR350 V9.3.5u.6369_B20220309 contains a post-authentication buffer overflow via parameter sPort/ePort in the setIpPortFilterRules function. | ||||
| CVE-2022-44259 | 1 Totolink | 2 Lr350, Lr350 Firmware | 2025-04-25 | 8.8 High |
| TOTOLINK LR350 V9.3.5u.6369_B20220309 contains a post-authentication buffer overflow via parameter week, sTime, and eTime in the setParentalRules function. | ||||
| CVE-2022-44258 | 1 Totolink | 2 Lr350, Lr350 Firmware | 2025-04-25 | 8.8 High |
| TOTOLINK LR350 V9.3.5u.6369_B20220309 contains a post-authentication buffer overflow via parameter command in the setTracerouteCfg function. | ||||
| CVE-2022-44257 | 1 Totolink | 2 Lr350, Lr350 Firmware | 2025-04-25 | 8.8 High |
| TOTOLINK LR350 V9.3.5u.6369_B20220309 contains a post-authentication buffer overflow via parameter pppoeUser in the setOpModeCfg function. | ||||
| CVE-2022-44256 | 1 Totolink | 2 Nr1800x, Nr1800x Firmware | 2025-04-25 | 8.8 High |
| TOTOLINK LR350 V9.3.5u.6369_B20220309 contains a post-authentication buffer overflow via parameter lang in the setLanguageCfg function. | ||||
| CVE-2022-44255 | 1 Totolink | 2 Lr350, Lr350 Firmware | 2025-04-25 | 9.8 Critical |
| TOTOLINK LR350 V9.3.5u.6369_B20220309 contains a pre-authentication buffer overflow in the main function via long post data. | ||||
| CVE-2022-44254 | 1 Totolink | 2 Lr350, Lr350 Firmware | 2025-04-25 | 8.8 High |
| TOTOLINK LR350 V9.3.5u.6369_B20220309 contains a post-authentication buffer overflow via parameter text in the setSmsCfg function. | ||||
| CVE-2022-44253 | 1 Totolink | 2 Lr350, Lr350 Firmware | 2025-04-25 | 8.8 High |
| TOTOLINK LR350 V9.3.5u.6369_B20220309 contains a post-authentication buffer overflow via parameter ip in the setDiagnosisCfg function. | ||||