11 matches found
PT-2025-46172
Name of the Vulnerable Software and Affected Versions TOTOLink A7000R version 9.1.0u.6115 B20201022 Description A stack overflow exists in the urldecode function, specifically within the addEffect parameter. This issue allows attackers to trigger a Denial of Service DoS by sending a specially...
PT-2025-44656
Name of the Vulnerable Software and Affected Versions Totolink A7000R version 9.1.0u.6115 B20201022 Description The device contains a stack overflow issue through the ssid5g parameter within the sub 4222E0 function. A crafted request can lead to a Denial of Service DoS. Recommendations At the...
PT-2025-33016 · Totolink · Totolink A7000R
Name of the Vulnerable Software and Affected Versions: TOTOLINK A7000R firmware version 9.1.0u.6115 B20201022 Description: An attacker can bypass login by sending a specific request through the formLoginAuth.htm endpoint. Recommendations: Apply a configuration change to restrict access to the...
PT-2023-31215 · Totolink · Totolink A7000R
Name of the Vulnerable Software and Affected Versions: TOTOLink A7000R version 9.1.0u.6115 B20201022 Description: The issue is a stack overflow vulnerability. It can be exploited via the setIpPortFilterRules function. Recommendations: For TOTOLink A7000R version 9.1.0u.6115 B20201022, as a...
CVE-2022-37083
TOTOLINK A7000R V9.1.0u.6115B20201022 was discovered to contain a command injection vulnerability via the ip parameter at the function setDiagnosisCfg...
PT-2022-23797 · Totolink · Totolink A7000R
Name of the Vulnerable Software and Affected Versions: TOTOLINK A7000R version 9.1.0u.6115 B20201022 Description: A command injection issue was found via the host time parameter at the NTPSyncWithHost function, allowing for potential exploitation. Recommendations: For TOTOLINK A7000R version...
PT-2022-23791 · Totolink · Totolink A7000R
Name of the Vulnerable Software and Affected Versions: TOTOLINK A7000R version 9.1.0u.6115 B20201022 Description: A stack overflow issue was discovered, which can be triggered via the pppoeUser parameter. Recommendations: For version 9.1.0u.6115 B20201022, avoid using the pppoeUser parameter unti...
PT-2022-23792 · Totolink · Totolink A7000R
Name of the Vulnerable Software and Affected Versions: TOTOLINK A7000R version 9.1.0u.6115 B20201022 Description: A command injection issue was found via the lang parameter at the "/setting/setLanguageCfg" API endpoint. This allows for potential command injection attacks. Recommendations: For...
PT-2022-23790 · Totolink · Totolink A7000R
Name of the Vulnerable Software and Affected Versions: TOTOLINK A7000R version 9.1.0u.6115 B20201022 Description: A command injection issue was found in the UploadFirmwareFile function via the FileName parameter. Recommendations: For version 9.1.0u.6115 B20201022, avoid using the FileName paramet...
PT-2022-23793 · Totolink · Totolink A7000R
Name of the Vulnerable Software and Affected Versions: TOTOLINK A7000R version 9.1.0u.6115 B20201022 Description: A command injection issue was found via the hostName parameter in the setOpModeCfg function, allowing for potential exploitation. Recommendations: For version 9.1.0u.6115 B20201022,...
PT-2022-23798 · Totolink · Totolink A7000R
Name of the Vulnerable Software and Affected Versions: TOTOLINK A7000R version 9.1.0u.6115 B20201022 Description: A command injection issue was found via the ip parameter at the setDiagnosisCfg function. Recommendations: For version 9.1.0u.6115 B20201022, consider restricting access to the...