744 matches found
CVE-2022-44258
TOTOLINK LR350 V9.3.5u.6369B20220309 contains a post-authentication buffer overflow via parameter command in the setTracerouteCfg function...
Design/Logic Flaw
TOTOLINK LR350 V9.3.5u.6369B20220309 contains a post-authentication buffer overflow via parameter text in the setSmsCfg function...
Design/Logic Flaw
TOTOLINK LR350 V9.3.5u.6369B20220309 contains a post-authentication buffer overflow via parameter lang in the setLanguageCfg function...
Buffer overflow
TOTOLINK LR350 V9.3.5u.6369B20220309 contains a post-authentication buffer overflow via parameter command in the setTracerouteCfg function...
Authentication flaw
TOTOLINK LR350 V9.3.5u.6369B20220309 contains a post-authentication buffer overflow via parameter sPort/ePort in the setIpPortFilterRules function...
Design/Logic Flaw
TOTOLINK LR350 V9.3.5u.6369B20220309 contains a post-authentication buffer overflow via parameter ip in the setDiagnosisCfg function...
Design/Logic Flaw
TOTOLINK LR350 V9.3.5u.6369B20220309 contains a post-authentication buffer overflow via parameter week, sTime, and eTime in the setParentalRules function...
Design/Logic Flaw
TOTOLINK LR350 V9.3.5u.6369B20220309 contains a post-authentication buffer overflow via parameter pppoeUser in the setOpModeCfg function...
CVE-2022-44256
CVE-2022-44256 affects Totolink LR350 (v9.3.5u.6369_B20220309). The issue is a post-authentication buffer overflow in the function setLanguageCfg, exploitable via the lang parameter. CVSS v3.1 metrics indicate Network access, Low privileges required, No user interaction, and high impact (C, I, A ...
CVE-2022-44257
TOTOLINK LR350 V9.3.5u.6369B20220309 contains a post-authentication buffer overflow via parameter pppoeUser in the setOpModeCfg function...
CVE-2022-44254
TOTOLINK LR350 V9.3.5u.6369B20220309 contains a post-authentication buffer overflow via parameter text in the setSmsCfg function...
CVE-2022-44256
TOTOLINK LR350 V9.3.5u.6369B20220309 contains a post-authentication buffer overflow via parameter lang in the setLanguageCfg function...
CVE-2022-44253
TOTOLINK LR350 V9.3.5u.6369B20220309 contains a post-authentication buffer overflow via parameter ip in the setDiagnosisCfg function...
CVE-2022-44258
TOTOLINK LR350 V9.3.5u.6369B20220309 contains a post-authentication buffer overflow via parameter command in the setTracerouteCfg function...
PT-2022-27158 · Totolink · Totolink Lr350
Name of the Vulnerable Software and Affected Versions: TOTOLINK LR350 version 9.3.5u.6369 B20220309 Description: The issue is a post-authentication buffer overflow that occurs via the parameters week, sTime, and eTime in the setParentalRules function. Recommendations: For TOTOLINK LR350 version...
CVE-2022-44259
CVE-2022-44259 affects TOTOLINK LR350 (firmware version 9.3.5u.6369_B20220309). A post-authentication buffer overflow exists in the setParentalRules function triggered via parameters week, sTime, and eTime, potentially enabling remote code execution. Multiple connected sources confirm the vulnera...
CVE-2022-44259
TOTOLINK LR350 V9.3.5u.6369B20220309 contains a post-authentication buffer overflow via parameter week, sTime, and eTime in the setParentalRules function...
CVE-2022-44258
TOTOLINK LR350 V9.3.5u.6369B20220309 contains a post-authentication buffer overflow via parameter command in the setTracerouteCfg function...
CVE-2022-44256
TOTOLINK LR350 V9.3.5u.6369B20220309 contains a post-authentication buffer overflow via parameter lang in the setLanguageCfg function...
CVE-2022-44257
TOTOLINK LR350 V9.3.5u.6369B20220309 contains a post-authentication buffer overflow via parameter pppoeUser in the setOpModeCfg function...