Totolink CVEs and Security Vulnerabilities

Filtered by vendor Totolink Subscriptions

Search

Switch to Advanced Search (Beta)

Total 976 CVE

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2024-34203	1 Totolink	2 Cp450, Cp450 Firmware	2025-04-03	3.8 Low
TOTOLINK CP450 v4.1.0cu.747_B20191224 was discovered to contain a stack buffer overflow vulnerability in the setLanguageCfg function.
CVE-2022-48125	1 Totolink	2 A7100ru, A7100ru Firmware	2025-04-03	9.8 Critical
TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the password parameter in the setting/setOpenVpnCertGenerationCfg function.
CVE-2022-48124	1 Totolink	2 A7100ru, A7100ru Firmware	2025-04-03	9.8 Critical
TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the FileName parameter in the setting/setOpenVpnCertGenerationCfg function.
CVE-2022-48123	1 Totolink	2 A7100ru, A7100ru Firmware	2025-04-03	9.8 Critical
TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the servername parameter in the setting/delStaticDhcpRules function.
CVE-2022-48122	1 Totolink	2 A7100ru, A7100ru Firmware	2025-04-03	9.8 Critical
TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the dayvalid parameter in the setting/delStaticDhcpRules function.
CVE-2022-48121	1 Totolink	2 A7100ru, A7100ru Firmware	2025-04-03	9.8 Critical
TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the rsabits parameter in the setting/delStaticDhcpRules function.
CVE-2024-41314	1 Totolink	2 A6000r, A6000r Firmware	2025-04-03	6.8 Medium
TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection vulnerability via the iface parameter in the vif_disable function.
CVE-2024-41315	1 Totolink	2 A6000r, A6000r Firmware	2025-04-03	6.8 Medium
TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection vulnerability via the ifname parameter in the apcli_do_enr_pin_wps function.
CVE-2024-41316	1 Totolink	2 A6000r, A6000r Firmware	2025-04-03	9.8 Critical
TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection vulnerability via the ifname parameter in the apcli_cancel_wps function.
CVE-2024-41317	1 Totolink	2 A6000r, A6000r Firmware	2025-04-03	8 High
TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection vulnerability via the ifname parameter in the apcli_do_enr_pbc_wps function.
CVE-2024-41318	1 Totolink	2 A6000r, A6000r Firmware	2025-04-03	9.8 Critical
TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection vulnerability via the ifname parameter in the apcli_wps_gen_pincode function.
CVE-2024-41320	1 Totolink	2 A6000r, A6000r Firmware	2025-04-03	8.8 High
TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection vulnerability via the ifname parameter in the get_apcli_conn_info function.
CVE-2024-57211	1 Totolink	2 A6000r, A6000r Firmware	2025-04-03	8 High
TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection vulnerability via the modifyOne parameter in the enable_wsh function.
CVE-2024-57212	1 Totolink	2 A6000r, A6000r Firmware	2025-04-03	5.1 Medium
TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection vulnerability via the opmode parameter in the action_reboot function.
CVE-2024-57213	1 Totolink	2 A6000r, A6000r Firmware	2025-04-03	6.3 Medium
TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection vulnerability via the newpasswd parameter in the action_passwd function.
CVE-2024-57214	1 Totolink	2 A6000r, A6000r Firmware	2025-04-03	6.3 Medium
TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection vulnerability via the devname parameter in the reset_wifi function.
CVE-2024-37626	1 Totolink	2 A6000r, A6000r Firmware	2025-04-03	8.8 High
A command injection issue in TOTOLINK A6000R V1.0.1-B20201211.2000 firmware allows a remote attacker to execute arbitrary code via the iface parameter in the vif_enable function.
CVE-2024-35395	1 Totolink	3 Cp900 L, Cp900l, Cp900l Firmware	2025-04-03	8.8 High
TOTOLINK CP900L v4.1.5cu.798_B20221228 was discovered to contain a hardcoded password vulnerability in /etc/shadow.sample, which allows attackers to log in as root.
CVE-2024-35396	1 Totolink	3 Cp900, Cp900l, Cp900l Firmware	2025-04-03	9.8 Critical
TOTOLINK CP900L v4.1.5cu.798_B20221228 was discovered to contain a hardcoded password for telnet in /web_cste/cgi-bin/product.ini, which allows attackers to log in as root.
CVE-2024-35397	1 Totolink	2 Cp900l, Cp900l Firmware	2025-04-03	8.8 High
TOTOLINK CP900L v4.1.5cu.798_B20221228 weas discovered to contain a command injection vulnerability in the NTPSyncWithHost function via the hostTime parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request.

« first previous Page 20 of 49. next last »