
12 matches found

OSV
added 2024/11/21 6:15 p.m. · 5 views

CVE-2024-53335

TOTOLINK A810R V4.1.2cu.5182B20201026 is vulnerable to Buffer Overflow in downloadFlile.cgi...

CVSS: 7.8 · AI score: 5.8 · EPSS: 0.00251
Exploits: 1 · References: 1

Positive Technologies
added 2024/11/21 12:0 a.m. · 4 views

PT-2024-35725 · Totolink · Totolink A810R

Name of the Vulnerable Software and Affected Versions: TOTOLINK A810R version 4.1.2cu.5182 B20201026 Description: The issue is related to a Buffer Overflow in the infostat.cgi component. Recommendations: For TOTOLINK A810R version 4.1.2cu.5182 B20201026, consider restricting access to the...

CVSS: 8.8 · AI score: 7 · EPSS: 0.00711
Exploits: 1 · References: 3

Positive Technologies
added 2024/11/21 12:0 a.m. · 4 views

PT-2024-35726 · Totolink · Totolink A810R

Name of the Vulnerable Software and Affected Versions: TOTOLINK A810R version 4.1.2cu.5182 B20201026 Description: The issue is related to a Buffer Overflow in the downloadFlile.cgi endpoint. This can potentially allow for unauthorized access or execution of malicious code. Recommendations: For...

CVSS: 7.8 · AI score: 7.1 · EPSS: 0.00251
Exploits: 1 · References: 3

Positive Technologies
added 2024/07/29 12:0 a.m. · 6 views

PT-2024-38148 · Totolink · Totolink A3600R

Name of the Vulnerable Software and Affected Versions: TOTOLINK A3600R version 4.1.2cu.5182 B20201102 Description: A critical issue has been found, affecting the function setWiFiAclAddConfig of the file /cgi-bin/cstecgi.cgi. The manipulation of the comment argument leads to buffer overflow. This...

CVSS: 9 · AI score: 8.8 · EPSS: 0.01091
Exploits: 1 · References: 8

Positive Technologies
added 2024/07/29 12:0 a.m. · 6 views

PT-2024-38140 · Totolink · Totolink A3600R

Name of the Vulnerable Software and Affected Versions: TOTOLINK A3600R version 4.1.2cu.5182 B20201102 Description: A critical issue has been found, affecting the function setMacQos of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument priority/macAddress leads to buffer overflow. Thi...

CVSS: 9 · AI score: 8.8 · EPSS: 0.01091
Exploits: 1 · References: 8

Positive Technologies
added 2024/07/29 12:0 a.m. · 5 views

PT-2024-38145 · Totolink · Totolink A3600R

Name of the Vulnerable Software and Affected Versions: TOTOLINK A3600R version 4.1.2cu.5182 B20201102 Description: A critical issue was found in the setUploadSetting function of the /cgi-bin/cstecgi.cgi file. The manipulation of the FileName argument leads to a buffer overflow. This issue can be...

CVSS: 9 · AI score: 8.8 · EPSS: 0.01091
Exploits: 1 · References: 8

Positive Technologies
added 2022/09/29 12:0 a.m. · 6 views

PT-2022-25398 · Totolink · Totolink A860R

Name of the Vulnerable Software and Affected Versions: TOTOLINK A860R version 4.1.2cu.5182 B20201027 Description: The issue is related to a command injection via the component "/cgi-bin/downloadFile.cgi". This allows for potential malicious commands to be executed. Recommendations: For TOTOLINK...

CVSS: 9.8 · AI score: 9.7 · EPSS: 0.03505
Exploits: 1 · References: 5

Positive Technologies
added 2022/08/25 12:0 a.m. · 4 views

PT-2022-23379 · Totolink · Totolink A3600R

Name of the Vulnerable Software and Affected Versions: TOTOLink A3600R version 4.1.2cu.5182 B20201102 Description: A command injection issue was found via the username parameter in the "/cstecgi.cgi" API endpoint. This allows for potential command injection attacks. Recommendations: For TOTOLink...

CVSS: 7.8 · AI score: 7.7 · EPSS: 0.01086
Exploits: 1 · References: 3

ATTACKERKB
added 2022/08/04 7:15 p.m. · 3 views

CVE-2022-34993

Totolink A3600RFirmware V4.1.2cu.5182B20201102 contains a hard code password for root in /etc/shadow.sample...

CVSS: 9.8 · AI score: 6 · EPSS: 0.00876
Exploits: 1 · References: 3

OSV
added 2022/02/24 3:15 p.m. · 4 views

CVE-2022-25079

TOTOLink A810R V4.1.2cu.5182B20201026 was discovered to contain a command injection vulnerability in the "Main" function. This vulnerability allows attackers to execute arbitrary commands via the QUERYSTRING parameter...

CVSS: 9.8 · AI score: 7.5 · EPSS: 0.0322
Exploits: 1 · References: 1

Positive Technologies
added 2022/02/22 12:0 a.m. · 3 views

PT-2022-3856 · Totolink · Totolink A810R

Name of the Vulnerable Software and Affected Versions: TOTOLink A810R version 4.1.2cu.5182 B20201026 Description: The issue is related to a command injection vulnerability in the "Main" function of the TOTOLink A810R router's firmware. This vulnerability is caused by the lack of input data...

CVSS: 10 · AI score: 9.8 · EPSS: 0.0322
Exploits: 1 · References: 4

Positive Technologies
added 2022/02/22 12:0 a.m. · 5 views

PT-2022-3896 · Totolink · Totolink A3600R

Name of the Vulnerable Software and Affected Versions: TOTOLink A3600R version 4.1.2cu.5182 B20201102 Description: The issue is related to a command injection vulnerability in the "Main" function of the TOTOLink A3600R router's firmware. This vulnerability is caused by the lack of input data...

CVSS: 10 · AI score: 9.7 · EPSS: 0.0322
Exploits: 1 · References: 4