Lucene search
K

11 matches found

Positive Technologies
Positive Technologies
added 2025/11/10 12:0 a.m.5 views

PT-2025-46172

Name of the Vulnerable Software and Affected Versions TOTOLink A7000R version 9.1.0u.6115 B20201022 Description A stack overflow exists in the urldecode function, specifically within the addEffect parameter. This issue allows attackers to trigger a Denial of Service DoS by sending a specially...

6.6AI score0.00362EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2025/10/31 12:0 a.m.6 views

PT-2025-44656

Name of the Vulnerable Software and Affected Versions Totolink A7000R version 9.1.0u.6115 B20201022 Description The device contains a stack overflow issue through the ssid5g parameter within the sub 4222E0 function. A crafted request can lead to a Denial of Service DoS. Recommendations At the...

9CVSS6.7AI score0.00376EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2025/08/13 12:0 a.m.8 views

PT-2025-33016 · Totolink · Totolink A7000R

Name of the Vulnerable Software and Affected Versions: TOTOLINK A7000R firmware version 9.1.0u.6115 B20201022 Description: An attacker can bypass login by sending a specific request through the formLoginAuth.htm endpoint. Recommendations: Apply a configuration change to restrict access to the...

9.8CVSS6.5AI score0.00359EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2023/12/11 12:0 a.m.5 views

PT-2023-31215 · Totolink · Totolink A7000R

Name of the Vulnerable Software and Affected Versions: TOTOLink A7000R version 9.1.0u.6115 B20201022 Description: The issue is a stack overflow vulnerability. It can be exploited via the setIpPortFilterRules function. Recommendations: For TOTOLink A7000R version 9.1.0u.6115 B20201022, as a...

9.8CVSS9.5AI score0.00868EPSS
Exploits1References3
ATTACKERKB
ATTACKERKB
added 2022/08/25 3:15 p.m.2 views

CVE-2022-37083

TOTOLINK A7000R V9.1.0u.6115B20201022 was discovered to contain a command injection vulnerability via the ip parameter at the function setDiagnosisCfg...

7.8CVSS7.1AI score0.01086EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2022/08/25 12:0 a.m.5 views

PT-2022-23797 · Totolink · Totolink A7000R

Name of the Vulnerable Software and Affected Versions: TOTOLINK A7000R version 9.1.0u.6115 B20201022 Description: A command injection issue was found via the host time parameter at the NTPSyncWithHost function, allowing for potential exploitation. Recommendations: For TOTOLINK A7000R version...

7.8CVSS7.9AI score0.01086EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2022/08/25 12:0 a.m.6 views

PT-2022-23791 · Totolink · Totolink A7000R

Name of the Vulnerable Software and Affected Versions: TOTOLINK A7000R version 9.1.0u.6115 B20201022 Description: A stack overflow issue was discovered, which can be triggered via the pppoeUser parameter. Recommendations: For version 9.1.0u.6115 B20201022, avoid using the pppoeUser parameter unti...

7.8CVSS7.8AI score0.00327EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2022/08/25 12:0 a.m.6 views

PT-2022-23792 · Totolink · Totolink A7000R

Name of the Vulnerable Software and Affected Versions: TOTOLINK A7000R version 9.1.0u.6115 B20201022 Description: A command injection issue was found via the lang parameter at the "/setting/setLanguageCfg" API endpoint. This allows for potential command injection attacks. Recommendations: For...

7.8CVSS7.7AI score0.00932EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2022/08/25 12:0 a.m.5 views

PT-2022-23790 · Totolink · Totolink A7000R

Name of the Vulnerable Software and Affected Versions: TOTOLINK A7000R version 9.1.0u.6115 B20201022 Description: A command injection issue was found in the UploadFirmwareFile function via the FileName parameter. Recommendations: For version 9.1.0u.6115 B20201022, avoid using the FileName paramet...

7.8CVSS7.9AI score0.01086EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2022/08/25 12:0 a.m.5 views

PT-2022-23793 · Totolink · Totolink A7000R

Name of the Vulnerable Software and Affected Versions: TOTOLINK A7000R version 9.1.0u.6115 B20201022 Description: A command injection issue was found via the hostName parameter in the setOpModeCfg function, allowing for potential exploitation. Recommendations: For version 9.1.0u.6115 B20201022,...

7.8CVSS7.8AI score0.01292EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2022/08/25 12:0 a.m.6 views

PT-2022-23798 · Totolink · Totolink A7000R

Name of the Vulnerable Software and Affected Versions: TOTOLINK A7000R version 9.1.0u.6115 B20201022 Description: A command injection issue was found via the ip parameter at the setDiagnosisCfg function. Recommendations: For version 9.1.0u.6115 B20201022, consider restricting access to the...

7.8CVSS7.8AI score0.01086EPSS
Exploits1References2
Rows per page
Query Builder