Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

A3700R Firmware Security Vulnerabilities - CVSS Score 9 - 10

cve
cve

CVE-2023-43141

TOTOLINK A3700R V9.1.2u.6134_B20201202 and N600R V5.3c.5137 are vulnerable to Incorrect Access Control.

9.8CVSS

9.3AI Score

0.01EPSS

2023-09-25 04:15 PM
25
cve
cve

CVE-2023-46574

An issue in TOTOLINK A3700R v.9.1.2u.6165_20211012 allows a remote attacker to execute arbitrary code via the FileName parameter of the UploadFirmwareFile function.

9.8CVSS

9.6AI Score

0.314EPSS

2023-10-25 06:17 PM
51
cve
cve

CVE-2023-50147

There is an arbitrary command execution vulnerability in the setDiagnosisCfg function of the cstecgi .cgi of the TOTOlink A3700R router device in its firmware version V9.1.2u.5822_B20200513.

9.8CVSS

9.5AI Score

0.004EPSS

2023-12-22 07:15 PM
14
cve
cve

CVE-2023-52027

TOTOlink A3700R v9.1.2u.5822_B20200513 was discovered to contain a remote command execution (RCE) vulnerability via the NTPSyncWithHost function.

9.8CVSS

9.6AI Score

0.002EPSS

2024-01-11 09:15 AM
19
cve
cve

CVE-2023-52028

TOTOlink A3700R v9.1.2u.5822_B20200513 was discovered to contain a remote command execution (RCE) vulnerability via the setTracerouteCfg function.

9.8CVSS

9.6AI Score

0.001EPSS

2024-01-11 09:15 AM
11
cve
cve

CVE-2023-52029

TOTOlink A3700R v9.1.2u.5822_B20200513 was discovered to contain a remote command execution (RCE) vulnerability via the setDiagnosisCfg function.

9.8CVSS

9.7AI Score

0.001EPSS

2024-01-11 09:15 AM
20
cve
cve

CVE-2023-52030

TOTOlink A3700R v9.1.2u.5822_B20200513 was discovered to contain a remote command execution (RCE) vulnerability via the setOpModeCfg function.

9.8CVSS

9.7AI Score

0.001EPSS

2024-01-11 09:15 AM
18
cve
cve

CVE-2023-52031

TOTOlink A3700R v9.1.2u.5822_B20200513 was discovered to contain a remote command execution (RCE) vulnerability via the UploadFirmwareFile function.

9.8CVSS

9.7AI Score

0.001EPSS

2024-01-11 09:15 AM
12
cve
cve

CVE-2024-22660

TOTOLINK_A3700R_V9.1.2u.6165_20211012has a stack overflow vulnerability via setLanguageCfg

9.8CVSS

9.5AI Score

0.002EPSS

2024-01-23 03:15 PM
12
cve
cve

CVE-2024-22662

TOTOLINK A3700R_V9.1.2u.6165_20211012 has a stack overflow vulnerability via setParentalRules

9.8CVSS

9.5AI Score

0.002EPSS

2024-01-23 03:15 PM
12
cve
cve

CVE-2024-22663

TOTOLINK_A3700R_V9.1.2u.6165_20211012has a command Injection vulnerability via setOpModeCfg

9.8CVSS

9.6AI Score

0.858EPSS

2024-01-23 03:15 PM
12
cve
cve

CVE-2024-37632

TOTOLINK A3700R V9.1.2u.6165_20211012 was discovered to contain a stack overflow via the password parameter in function loginAuth .

9.8CVSS

8.1AI Score

0.009EPSS

2024-06-13 07:15 PM
29
cve
cve

CVE-2024-37635

TOTOLINK A3700R V9.1.2u.6165_20211012 was discovered to contain a stack overflow via ssid in the function setWiFiBasicCfg

9.8CVSS

7.9AI Score

0.009EPSS

2024-06-13 07:15 PM
29
cve
cve

CVE-2024-42543

TOTOLINK A3700R v9.1.2u.5822_B20200513 has a buffer overflow vulnerability in the http_host parameter in the loginauth function.

9.8CVSS

7.5AI Score

0.009EPSS

2024-08-12 06:15 PM
25
cve
cve

CVE-2024-42545

TOTOLINK A3700R v9.1.2u.5822_B20200513 has a buffer overflow vulnerability in the ssid parameter in setWizardCfg function.

9.8CVSS

7.5AI Score

0.009EPSS

2024-08-12 06:15 PM
32