12 matches found
CVE-2024-53335
TOTOLINK A810R V4.1.2cu.5182B20201026 is vulnerable to Buffer Overflow in downloadFlile.cgi...
PT-2024-35725 · Totolink · Totolink A810R
Name of the Vulnerable Software and Affected Versions: TOTOLINK A810R version 4.1.2cu.5182 B20201026 Description: The issue is related to a Buffer Overflow in the infostat.cgi component. Recommendations: For TOTOLINK A810R version 4.1.2cu.5182 B20201026, consider restricting access to the...
PT-2024-35726 · Totolink · Totolink A810R
Name of the Vulnerable Software and Affected Versions: TOTOLINK A810R version 4.1.2cu.5182 B20201026 Description: The issue is related to a Buffer Overflow in the downloadFlile.cgi endpoint. This can potentially allow for unauthorized access or execution of malicious code. Recommendations: For...
PT-2024-38148 · Totolink · Totolink A3600R
Name of the Vulnerable Software and Affected Versions: TOTOLINK A3600R version 4.1.2cu.5182 B20201102 Description: A critical issue has been found, affecting the function setWiFiAclAddConfig of the file /cgi-bin/cstecgi.cgi. The manipulation of the comment argument leads to buffer overflow. This...
PT-2024-38140 · Totolink · Totolink A3600R
Name of the Vulnerable Software and Affected Versions: TOTOLINK A3600R version 4.1.2cu.5182 B20201102 Description: A critical issue has been found, affecting the function setMacQos of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument priority/macAddress leads to buffer overflow. Thi...
PT-2024-38145 · Totolink · Totolink A3600R
Name of the Vulnerable Software and Affected Versions: TOTOLINK A3600R version 4.1.2cu.5182 B20201102 Description: A critical issue was found in the setUploadSetting function of the /cgi-bin/cstecgi.cgi file. The manipulation of the FileName argument leads to a buffer overflow. This issue can be...
PT-2022-25398 · Totolink · Totolink A860R
Name of the Vulnerable Software and Affected Versions: TOTOLINK A860R version 4.1.2cu.5182 B20201027 Description: The issue is related to a command injection via the component "/cgi-bin/downloadFile.cgi". This allows for potential malicious commands to be executed. Recommendations: For TOTOLINK...
PT-2022-23379 · Totolink · Totolink A3600R
Name of the Vulnerable Software and Affected Versions: TOTOLink A3600R version 4.1.2cu.5182 B20201102 Description: A command injection issue was found via the username parameter in the "/cstecgi.cgi" API endpoint. This allows for potential command injection attacks. Recommendations: For TOTOLink...
CVE-2022-34993
Totolink A3600RFirmware V4.1.2cu.5182B20201102 contains a hard code password for root in /etc/shadow.sample...
CVE-2022-25079
TOTOLink A810R V4.1.2cu.5182B20201026 was discovered to contain a command injection vulnerability in the "Main" function. This vulnerability allows attackers to execute arbitrary commands via the QUERYSTRING parameter...
PT-2022-3856 · Totolink · Totolink A810R
Name of the Vulnerable Software and Affected Versions: TOTOLink A810R version 4.1.2cu.5182 B20201026 Description: The issue is related to a command injection vulnerability in the "Main" function of the TOTOLink A810R router's firmware. This vulnerability is caused by the lack of input data...
PT-2022-3896 · Totolink · Totolink A3600R
Name of the Vulnerable Software and Affected Versions: TOTOLink A3600R version 4.1.2cu.5182 B20201102 Description: The issue is related to a command injection vulnerability in the "Main" function of the TOTOLink A3600R router's firmware. This vulnerability is caused by the lack of input data...