CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

4 matches found

CNVD•added 2021/08/21 12:0 a.m.•14 views

TOTOLINK A3002RU Cross-Site Scripting Vulnerability (CNVD-2022-06507)

TOTOLINK A3002RU is a wireless router product from Taiwan-based TOTOLINK Corporation. tr069config.htm in TOTOLINK A3002R version V1.1.1-B20200824 contains a security vulnerability that allows attackers to exploit it by modifying the " username" field or "password" field to execute arbitrary...

6.1CVSS5.4AI score0.00191EPSS

Exploits1References1

Prion•added 2021/08/20 5:15 p.m.•14 views

Cross site scripting

Cross-site scripting in tr069config.htm in TOTOLINK A3002R version V1.1.1-B20200824 Important Update, new UI allows attackers to execute arbitrary JavaScript by modifying the "User Name" field or "Password" field...

4.3CVSS6.4AI score0.00191EPSS

Exploits1References1Affected Software1

Cvelist•added 2021/08/20 4:47 p.m.•13 views

CVE-2021-34220

6.6AI score0.00191EPSS

Exploits1References1

CVE•added 2021/08/20 4:47 p.m.•45 views

CVE-2021-34220

The CVE-2021-34220 entry concerns TOTOLINK A3002R family devices (notably A3002R with firmware version V1.1.1-B20200824). The vulnerability is a Cross-site Scripting (XSS) in tr069config.htm that can be triggered by modifying the "User Name" or "Password" fields, allowing an attacker to execute a...

6.1CVSS6.4AI score0.00191EPSS

Exploits1References1Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by