CVE-2022-44257

TOTOLINK LR350 V9.3.5u.6369B20220309 contains a post-authentication buffer overflow via parameter pppoeUser in the setOpModeCfg function...

Command injection

TOTOLINK NR1800X V9.1.0u.6279B20210910 contains a command injection via the hostName parameter in the setOpModeCfg function...

CVE-2022-44250

TOTOLINK NR1800X V9.1.0u.6279B20210910 contains a command injection via the hostName parameter in the setOpModeCfg function...

CVE-2022-44257

TOTOLINK LR350 V9.3.5u.6369B20220309 contains a post-authentication buffer overflow via parameter pppoeUser in the setOpModeCfg function...

TOTOLINK NR1800X 操作系统命令注入漏洞

TOTOLINK NR1800X is a 5G NR indoor Wi-Fi and SIP CPE broadband access device from China's Gion Electronics TOTOLINK, which is mainly used for the deployment of NR fixed data services in homes and offices to support 5G NR network connectivity. A command injection vulnerability exists in the TOTOLI...

CVE-2022-41527

TOTOLINK NR1800X V9.1.0u.6279B20210910 was discovered to contain an authenticated stack overflow via the pppoeUser parameter in the setOpModeCfg function...

CVE-2022-41527

TOTOLINK NR1800X (version 9.1.0u.6279_B20210910) is affected by CVE-2022-41527 due to an authenticated stack overflow in the setOpModeCfg function, triggered by the pppoeUser parameter. Descriptions across multiple sources (CNVD/CNNVD, NVD, Red Hat, CVE lists) indicate the overflow can lead to re...

CVE-2022-41527

TOTOLINK NR1800X V9.1.0u.6279B20210910 was discovered to contain an authenticated stack overflow via the pppoeUser parameter in the setOpModeCfg function...

CVE-2022-37079

TOTOLINK A7000R V9.1.0u.6115B20201022 was discovered to contain a command injection vulnerability via the hostName parameter in the function setOpModeCfg...

CVE-2022-37079

TOTOLINK A7000R V9.1.0u.6115B20201022 was discovered to contain a command injection vulnerability via the hostName parameter in the function setOpModeCfg...

Command injection

TOTOLINK A7000R V9.1.0u.6115B20201022 was discovered to contain a command injection vulnerability via the hostName parameter in the function setOpModeCfg...

CVE-2022-36461

TOTOLINK A3700R V9.1.2u.6134B20201202 was discovered to contain a command injection vulnerability via the hostName parameter in the function setOpModeCfg...

CVE-2022-36461

TOTOLINK A3700R V9.1.2u.6134B20201202 was discovered to contain a command injection vulnerability via the hostName parameter in the function setOpModeCfg...

PT-2022-23384 · Totolink · Totolink A3700R

Name of the Vulnerable Software and Affected Versions: TOTOLINK A3700R version 9.1.2u.6134 B20201202 Description: A command injection issue was found via the hostName parameter in the setOpModeCfg function. Recommendations: For TOTOLINK A3700R version 9.1.2u.6134 B20201202, avoid using the hostNa...

PT-2022-23407 · Totolink · Totolink N350Rt

Name of the Vulnerable Software and Affected Versions: TOTOLINK N350RT version 9.3.5u.6139 B20201216 Description: A command injection issue was discovered via the hostName parameter in the setOpModeCfg function. This allows for potential exploitation. Recommendations: For TOTOLINK N350RT version...

PT-2022-23793 · Totolink · Totolink A7000R

Name of the Vulnerable Software and Affected Versions: TOTOLINK A7000R version 9.1.0u.6115 B20201022 Description: A command injection issue was found via the hostName parameter in the setOpModeCfg function, allowing for potential exploitation. Recommendations: For version 9.1.0u.6115 B20201022,...