Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
TotolinkA3300r Firmware

3 matches found

CVE
CVEadded 2023/10/31 3:15 p.m.44 views

CVE-2023-46993

In TOTOLINK A3300R V17.0.0cu.557_B20221024 when dealing with setLedCfg request, there is no verification for the enable parameter, which can lead to command injection.

9.8CVSS9.6AI score0.02985EPSS
CVE
CVEadded 2023/10/31 2:15 p.m.41 views

CVE-2023-46976

TOTOLINK A3300R 17.0.0cu.557_B20221024 contains a command injection via the file_name parameter in the UploadFirmwareFile function.

9.8CVSS9.6AI score0.02985EPSS
CVE
CVEadded 2023/10/31 3:15 p.m.32 views

CVE-2023-46992

TOTOLINK A3300R V17.0.0cu.557_B20221024 is vulnerable to Incorrect Access Control. Attackers are able to reset serveral critical passwords without authentication by visiting specific pages.

7.5CVSS7.7AI score0.00144EPSS