Lucene search
K

222 matches found

Prion
Prion
added 2021/08/05 9:15 p.m.17 views

Stack overflow

A stack overflow in the checkLoginUser function of TOTOLINK A720R A720RFirmware v4.1.5cu.470B20200911 allows attackers to cause a denial of service DOS...

5CVSS7.5AI score0.13313EPSS
Exploits1References1Affected Software1
Prion
Prion
added 2021/08/05 9:15 p.m.16 views

Cross site request forgery (csrf)

A vulnerability in TOTOLINK A720R router with firmware v4.1.5cu.470B20200911 allows attackers to download the configuration file via sending a crafted HTTP request...

5CVSS7.4AI score0.02535EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2021/08/05 8:39 p.m.27 views

CVE-2021-35325

A stack overflow in the checkLoginUser function of TOTOLINK A720R A720RFirmware v4.1.5cu.470B20200911 allows attackers to cause a denial of service DOS...

7.7AI score0.13313EPSS
Exploits1References1
CVE
CVE
added 2021/08/05 8:39 p.m.73 views

CVE-2021-35325

The CVE-2021-35325 case concerns Totolink A720R firmware v4.1.5cu.470_B20200911, where a stack overflow in the checkLoginUser function due to incorrect data handling enables a network-based denial of service. The impact described is partial availability loss, with higher severity on CVSS 3.1 (7.5...

7.5CVSS7.5AI score0.13313EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2021/08/05 8:39 p.m.23 views

CVE-2021-35327

A vulnerability in TOTOLINK A720R A720RFirmware v4.1.5cu.470B20200911 allows attackers to start the Telnet service, then login with the default credentials via a crafted POST request...

9.4AI score0.01384EPSS
Exploits1References1
CVE
CVE
added 2021/08/05 8:39 p.m.68 views

CVE-2021-35327

The CVE-2021-35327 entry concerns Totolink A720R routers (firmware v4.1.5cu.470_B20200911). Affected component: Telnet service authentication; root cause: improper handling allowing Telnet to start and login with default credentials via a crafted POST request. Reported impact: attacker could gain...

9.8CVSS9.2AI score0.01384EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2021/08/05 8:39 p.m.69 views

CVE-2021-35326

CVE-2021-35326 affects Totolink A720R routers (firmware v4.1.5cu.470_B20200911). The vulnerability allows an attacker to download the device configuration file by sending a crafted HTTP request. Root cause details are not explicitly provided in the supplied documents, and there is no remediation ...

7.5CVSS7.4AI score0.02535EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2021/08/05 8:39 p.m.65 views

CVE-2021-35324

Summary: CVE-2021-35324 concerns a vulnerability in the Form_Login function of TOTOLINK A720R firmware (V4.1.5cu.470_B20200911), enabling attackers to bypass authentication. The issue is documented across multiple sources (NVD, Red Hat, CNVD, CVE listings) with the root cause described as an impr...

9.8CVSS9.3AI score0.10421EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2021/08/05 8:39 p.m.29 views

CVE-2021-35324

A vulnerability in the FormLogin function of TOTOLINK A720R A720RFirmware V4.1.5cu.470B20200911 allows attackers to bypass authentication...

9.6AI score0.10421EPSS
Exploits1References1
CNNVD
CNNVD
added 2021/08/05 12:0 a.m.5 views

TotoLink A720R 安全漏洞

The Totolink A720R is a wireless router from Taiwan, China's Gion Electronics Totolink. A security vulnerability exists in the TOTOLINK A720R that originates from a network system or product that does not properly restrict access to resources from unauthorized roles. An attacker can exploit the...

7.5CVSS5.6AI score0.02535EPSS
Exploits1References2
CNNVD
CNNVD
added 2021/08/05 12:0 a.m.5 views

Totolink A720R 安全漏洞

The Totolink A720R is a wireless router from Taiwan, China's Gion Electronics Totolink. The Totolink A720R suffers from an authorization issue vulnerability in version V4.1.5cu.470B20200911, which stems from an improper implementation of the form login feature in the software version, and can be...

9.8CVSS5.7AI score0.10421EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2021/08/05 12:0 a.m.5 views

PT-2021-20889

Name of the Vulnerable Software and Affected Versions: TOTOLINK A720R version v4.1.5cu.470 B20200911 Description: A vulnerability allows attackers to start the Telnet service and then login with the default credentials via a crafted POST request. Recommendations: For version v4.1.5cu.470 B2020091...

9.8CVSS6.5AI score0.01384EPSS
Exploits1References3
NVD
NVD
added 2021/04/14 6:15 p.m.24 views

CVE-2021-27710

Command Injection in TOTOLINK X5000R router with firmware v9.1.0u.6118B20201102, and TOTOLINK A720R router with firmware v4.1.5cu.470B20200911 allows remote attackers to execute arbitrary OS commands by sending a modified HTTP request. This occurs because the function executes glibc's system...

10CVSS0.07905EPSS
Exploits1References2
OSV
OSV
added 2021/04/14 6:15 p.m.3 views

CVE-2021-27710

Command Injection in TOTOLINK X5000R router with firmware v9.1.0u.6118B20201102, and TOTOLINK A720R router with firmware v4.1.5cu.470B20200911 allows remote attackers to execute arbitrary OS commands by sending a modified HTTP request. This occurs because the function executes glibc's system...

9.8CVSS7.5AI score0.07905EPSS
Exploits1References2
Prion
Prion
added 2021/04/14 6:15 p.m.24 views

Command injection

Command Injection in TOTOLINK X5000R router with firmware v9.1.0u.6118B20201102, and TOTOLINK A720R router with firmware v4.1.5cu.470B20200911 allows remote attackers to execute arbitrary OS commands by sending a modified HTTP request. This occurs because the function executes glibc's system...

10CVSS9.9AI score0.07905EPSS
Exploits1References2Affected Software2
Cvelist
Cvelist
added 2021/04/14 5:7 p.m.31 views

CVE-2021-27710

Command Injection in TOTOLINK X5000R router with firmware v9.1.0u.6118B20201102, and TOTOLINK A720R router with firmware v4.1.5cu.470B20200911 allows remote attackers to execute arbitrary OS commands by sending a modified HTTP request. This occurs because the function executes glibc's system...

10AI score0.07905EPSS
Exploits1References2
CVE
CVE
added 2021/04/14 5:7 p.m.83 views

CVE-2021-27710

CVE-2021-27710 describes a remote command injection in TOTOLINK X5000R (firmware v9.1.0u.6118_B20201102) and TOTOLINK A720R (firmware v4.1.5cu.470_B20200911). The root cause is that a function passes untrusted input from the HTTP request into glibc’s system function, with the attacker-controlled ...

10CVSS9.9AI score0.07905EPSS
Exploits1References2Affected Software1
OSV
OSV
added 2021/04/14 4:15 p.m.4 views

CVE-2021-27708

Command Injection in TOTOLINK X5000R router with firmware v9.1.0u.6118B20201102, and TOTOLINK A720R router with firmware v4.1.5cu.470B20200911 allows remote attackers to execute arbitrary OS commands by sending a modified HTTP request. This occurs because the function executes glibc's system...

9.8CVSS7.5AI score0.0761EPSS
Exploits1References2
NVD
NVD
added 2021/04/14 4:15 p.m.25 views

CVE-2021-27708

Command Injection in TOTOLINK X5000R router with firmware v9.1.0u.6118B20201102, and TOTOLINK A720R router with firmware v4.1.5cu.470B20200911 allows remote attackers to execute arbitrary OS commands by sending a modified HTTP request. This occurs because the function executes glibc's system...

10CVSS0.0761EPSS
Exploits1References2
Prion
Prion
added 2021/04/14 4:15 p.m.22 views

Command injection

Command Injection in TOTOLINK X5000R router with firmware v9.1.0u.6118B20201102, and TOTOLINK A720R router with firmware v4.1.5cu.470B20200911 allows remote attackers to execute arbitrary OS commands by sending a modified HTTP request. This occurs because the function executes glibc's system...

10CVSS9.9AI score0.0761EPSS
Exploits1References2Affected Software2
Rows per page
Query Builder