224 matches found
TOTOLINK A720R Code Execution Vulnerability (CNVD-2025-29722)
TOTOLINK A720R is a wireless router from China's Gion Electronics TOTOLINK with dual-band Wi-Fi capabilities, focusing on high-speed internet and signal coverage. The TOTOLINK A720R suffers from a code execution vulnerability that stems from the over setdiagnosicfg function found to contain a...
TOTOLINK A720R Code Execution Vulnerability
TOTOLINK A720R is a wireless router from China's Gion Electronics TOTOLINK with dual-band Wi-Fi capabilities, focusing on high-speed internet and signal coverage. The TOTOLINK A720R suffers from a code execution vulnerability that stems from the discovery of a remote code execution RCE...
TOTOLINK A720R 操作系统命令注入漏洞
TOTOLINK A720R is a wireless router from China's Gion Electronics TOTOLINK with dual-band Wi-Fi capabilities, focusing on high-speed internet and signal coverage. The TOTOLINK A720R suffers from a code execution vulnerability that stems from the discovery of a remote code execution RCE...
PT-2022-24441 · Totolink · Totolink A720R
Name of the Vulnerable Software and Affected Versions: TOTOLINK-720R version 4.1.5cu.374 Description: A remote code execution issue was discovered, which can be exploited via the setdiagnosicfg function. Recommendations: For TOTOLINK-720R version 4.1.5cu.374, consider disabling the setdiagnosicfg...
TOTOLINK A720R Hardcoded Vulnerability
TOTOLINK A720R is a wireless router from China's Gion Electronics TOTOLINK with dual-band Wi-Fi capabilities, focusing on high-speed internet and signal coverage. The TOTOLINK A720R suffers from a hard-coded vulnerability that stems from the inclusion of root's hard-coded password in...
TOTOLINK A720R Command Injection Vulnerability (CNVD-2025-29723)
TOTOLINK A720R is a wireless router from China's Gion Electronics TOTOLINK with dual-band Wi-Fi capabilities, focusing on high-speed internet and signal coverage. The TOTOLINK A720R suffers from a command injection vulnerability that originates from a command injection issue with the username...
CVE-2022-36610
TOTOLINK A720R V4.1.5cu.532B20210610 was discovered to contain a hardcoded password for root at /etc/shadow.sample...
CVE-2022-36610
TOTOLINK A720R V4.1.5cu.532B20210610 was discovered to contain a hardcoded password for root at /etc/shadow.sample...
CVE-2022-36610
TOTOLINK A720R V4.1.5cu.532B20210610 was discovered to contain a hardcoded password for root at /etc/shadow.sample...
Hardcoded credentials
TOTOLINK A720R V4.1.5cu.532B20210610 was discovered to contain a hardcoded password for root at /etc/shadow.sample...
CVE-2022-36610
TOTOLINK A720R V4.1.5cu.532B20210610 was discovered to contain a hardcoded password for root at /etc/shadow.sample...
CVE-2022-36610
CVE-2022-36610 affects TOTOLINK A720R, specifically version 4.1.5cu.532_B20210610, which reportedly contains a hardcoded root password in /etc/shadow.sample. The root cause is a hardcoded credential embedded in the device image, enabling local unauthorized access if exploited. Impact is described...
PT-2022-23504 · Totolink · Totolink A720R
Name of the Vulnerable Software and Affected Versions: TOTOLINK A720R version 4.1.5cu.532 B20210610 Description: The issue concerns a hardcoded password for the root user located at /etc/shadow.sample. This could potentially allow unauthorized access to the system. Recommendations: For TOTOLINK...
TOTOLINK A720R 信任管理问题漏洞
TOTOLINK A720R is a wireless router from China's Gion Electronics TOTOLINK with dual-band Wi-Fi capabilities, focusing on high-speed internet and signal coverage. The TOTOLINK A720R suffers from a hard-coded vulnerability that stems from the inclusion of root's hard-coded password in...
CVE-2022-36456
TOTOLink A720R V4.1.5cu.532B20210610 was discovered to contain a command injection vulnerability via the username parameter in /cstecgi.cgi...
CVE-2022-36456
TOTOLink A720R V4.1.5cu.532B20210610 was discovered to contain a command injection vulnerability via the username parameter in /cstecgi.cgi...
CVE-2022-36456
TOTOLink A720R V4.1.5cu.532B20210610 was discovered to contain a command injection vulnerability via the username parameter in /cstecgi.cgi...
Command injection
TOTOLink A720R V4.1.5cu.532B20210610 was discovered to contain a command injection vulnerability via the username parameter in /cstecgi.cgi...
CVE-2022-36456
Totolink A720R firmware 4.1.5cu.532_B20210610 contains a command-injection flaw in /cstecgi.cgi caused by insufficient sanitization of the username parameter. This yields potential local command execution. The PT-2022-23380 advisory confirms the affected version and recommends restricting access ...
CVE-2022-36456
TOTOLink A720R V4.1.5cu.532B20210610 was discovered to contain a command injection vulnerability via the username parameter in /cstecgi.cgi...