A7000r Firmware Security Vulnerabilities
9.8CVSS
9.5AI Score
0.001EPSS
9.8CVSS
9.5AI Score
0.001EPSS
An issue in ZIONCOM (Hong Kong) Technology Limited A7000R v.4.1cu.4154 allows an attacker to execute arbitrary code via the cig-bin/cstecgi.cgi to the settings/setPasswordCfg...
9.8CVSS
9.6AI Score
0.001EPSS
TOTOLINK X5000R V9.1.0u.6118_B20201102 and TOTOLINK A7000R V9.1.0u.6115_B20201022 was discovered to contain a stack overflow via the lang parameter in the function...
9.8CVSS
9.7AI Score
0.001EPSS
TOTOLINK X5000R V9.1.0u.6118_B20201102 and TOTOLINK A7000R V9.1.0u.6115_B20201022 were discovered to contain a stack overflow in the function setParentalRules. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST...
7.5CVSS
7.5AI Score
0.0004EPSS
TOTOLINK X5000R V9.1.0u.6118_B20201102 and TOTOLINK A7000R V9.1.0u.6115_B20201022 was discovered to contain a stack overflow via the http_host parameter in the function...
9.8CVSS
9.6AI Score
0.001EPSS
TOTOLINK X5000R V9.1.0u.6118_B20201102 and TOTOLINK A7000R V9.1.0u.6115_B20201022 was discovered to contain a stack overflow via the File parameter in the function...
9.8CVSS
9.7AI Score
0.001EPSS
TOTOLINK A7000R V4.1cu.4134 was discovered to contain an access control issue via...
9.8CVSS
9.5AI Score
0.007EPSS
TOTOLINK A7000R V9.1.0u.6115_B20201022 was discovered to contain a command injection vulnerability via the ip parameter at the function...
7.8CVSS
7.9AI Score
0.002EPSS
TOTOLINK A7000R V9.1.0u.6115_B20201022 was discovered to contain a stack overflow via the sPort parameter at the addEffect...
7.8CVSS
7.8AI Score
0.0005EPSS
TOTOLINK A7000R V9.1.0u.6115_B20201022 was discovered to contain a command injection vulnerability via the command parameter at...
7.8CVSS
7.8AI Score
0.002EPSS
TOTOLINK A7000R V9.1.0u.6115_B20201022 was discovered to contain a stack overflow via the pppoeUser...
7.8CVSS
7.8AI Score
0.0005EPSS
TOTOLINK A7000R V9.1.0u.6115_B20201022 was discovered to contain a command injection vulnerability via the lang parameter at...
7.8CVSS
7.9AI Score
0.002EPSS
TOTOLINK A7000R V9.1.0u.6115_B20201022 was discovered to contain a stack overflow via the command parameter at...
7.8CVSS
7.9AI Score
0.0005EPSS
TOTOLINK A7000R V9.1.0u.6115_B20201022 was discovered to contain a command injection vulnerability via the host_time parameter at the function...
7.8CVSS
7.9AI Score
0.002EPSS
TOTOLINK A7000R V9.1.0u.6115_B20201022 was discovered to contain a command injection vulnerability via the hostName parameter in the function...
7.8CVSS
7.8AI Score
0.002EPSS
TOTOLINK A7000R V9.1.0u.6115_B20201022 was discovered to contain a command injection vulnerability via the FileName parameter in the function...
7.8CVSS
7.8AI Score
0.002EPSS
TOTOLink A7000R V9.1.0u.6115_B20201022 was discovered to contain a stack overflow via the ip parameter in the function...
7.8CVSS
7.8AI Score
0.0005EPSS
Totolink routers s X5000R V9.1.0u.6118_B20201102 and A7000R V9.1.0u.6115_B20201022 were discovered to contain a command injection vulnerability in the setWanCfg function via the hostName parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted...
9.8CVSS
9.9AI Score
0.116EPSS
Totolink routers s X5000R V9.1.0u.6118_B20201102 and A7000R V9.1.0u.6115_B20201022 were discovered to contain a command injection vulnerability in the Tunnel 6in4 function via the remote6in4 parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted...
9.8CVSS
9.9AI Score
0.116EPSS
Totolink routers s X5000R V9.1.0u.6118_B20201102 and A7000R V9.1.0u.6115_B20201022 were discovered to contain a command injection vulnerability in the Tunnel 6rd function via the relay6rd parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted...
9.8CVSS
9.9AI Score
0.116EPSS