Filtered by vendor Totolink
Subscriptions
Filtered by product Ca600-poe
Subscriptions
Total
10 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-44847 | 1 Totolink | 2 Ca600-poe, Ca600-poe Firmware | 2025-05-22 | 6.3 Medium |
| TOTOLINK CA600-PoE V5.3c.6665_B20180820 was found to contain a command injection vulnerability in the setWebWlanIdx function via the webWlanIdx parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request. | ||||
| CVE-2025-44846 | 1 Totolink | 2 Ca600-poe, Ca600-poe Firmware | 2025-05-22 | 6.3 Medium |
| TOTOLINK CA600-PoE V5.3c.6665_B20180820 was found to contain a command injection vulnerability in the recvUpgradeNewFw function via the fwUrl parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request. | ||||
| CVE-2025-44845 | 1 Totolink | 2 Ca600-poe, Ca600-poe Firmware | 2025-05-22 | 6.5 Medium |
| TOTOLINK CA600-PoE V5.3c.6665_B20180820 was found to contain a command injection vulnerability in the NTPSyncWithHost function via the hostTime parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request. | ||||
| CVE-2025-44844 | 1 Totolink | 2 Ca600-poe, Ca600-poe Firmware | 2025-05-22 | 6.5 Medium |
| TOTOLINK CA600-PoE V5.3c.6665_B20180820 was found to contain a command injection vulnerability in the setUpgradeFW function via the FileName parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request. | ||||
| CVE-2025-44843 | 1 Totolink | 2 Ca600-poe, Ca600-poe Firmware | 2025-05-22 | 6.5 Medium |
| TOTOLINK CA600-PoE V5.3c.6665_B20180820 was found to contain a command injection vulnerability in the CloudSrvUserdataVersionCheck function via the url parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request. | ||||
| CVE-2025-44842 | 1 Totolink | 2 Ca600-poe, Ca600-poe Firmware | 2025-05-22 | 6.5 Medium |
| TOTOLINK CA600-PoE V5.3c.6665_B20180820 was found to contain a command injection vulnerability in the msg_process function via the Port parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request. | ||||
| CVE-2025-44841 | 1 Totolink | 2 Ca600-poe, Ca600-poe Firmware | 2025-05-22 | 6.5 Medium |
| TOTOLINK CA600-PoE V5.3c.6665_B20180820 was found to contain a command injection vulnerability in the CloudSrvUserdataVersionCheck function via the version parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request. | ||||
| CVE-2025-44840 | 1 Totolink | 2 Ca600-poe, Ca600-poe Firmware | 2025-05-22 | 6.5 Medium |
| TOTOLINK CA600-PoE V5.3c.6665_B20180820 was found to contain a command injection vulnerability in the CloudSrvUserdataVersionCheck function via the svn parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request. | ||||
| CVE-2025-44839 | 1 Totolink | 2 Ca600-poe, Ca600-poe Firmware | 2025-05-22 | 6.5 Medium |
| TOTOLINK CA600-PoE V5.3c.6665_B20180820 was found to contain a command injection vulnerability in the CloudSrvUserdataVersionCheck function via the magicid parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request. | ||||
| CVE-2025-44848 | 1 Totolink | 2 Ca600-poe, Ca600-poe Firmware | 2025-05-21 | 6.5 Medium |
| TOTOLINK CA600-PoE V5.3c.6665_B20180820 was found to contain a command injection vulnerability in the msg_process function via the Url parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request. | ||||
Page 1 of 1.