A3600r Firmware Security Vulnerabilities and Issues — A3600r Firmware CVE List

Lucene search

TotolinkA3600r Firmware

22 matches found

CVE•added 2022/02/24 3:15 p.m.•150 views

CVE-2022-25078

TOTOLink A3600R V4.1.2cu.5182_B20201102 was discovered to contain a command injection vulnerability in the "Main" function. This vulnerability allows attackers to execute arbitrary commands via the QUERY_STRING parameter.

9.8CVSS9.9AI score0.06059EPSS

CVE•added 2022/08/04 7:15 p.m.•56 views

CVE-2022-34993

Totolink A3600R_Firmware V4.1.2cu.5182_B20201102 contains a hard code password for root in /etc/shadow.sample.

9.8CVSS9.6AI score0.00259EPSS

CVE•added 2022/08/25 3:15 p.m.•52 views

CVE-2022-36455

TOTOLink A3600R V4.1.2cu.5182_B20201102 was discovered to contain a command injection vulnerability via the username parameter in /cstecgi.cgi.

7.8CVSS7.8AI score0.00254EPSS

CVE•added 2024/07/29 12:15 a.m.•52 views

CVE-2024-7173

A vulnerability, which was classified as critical, has been found in TOTOLINK A3600R 4.1.2cu.5182_B20201102. Affected by this issue is the function loginauth of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument password/http_host leads to buffer overflow. The attack may be launched re...

9CVSS8.8AI score0.0051EPSS

CVE•added 2024/07/28 11:15 p.m.•51 views

CVE-2024-7171

A vulnerability classified as critical has been found in TOTOLINK A3600R 4.1.2cu.5182_B20201102. Affected is the function NTPSyncWithHost of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument hostTime leads to os command injection. It is possible to launch the attack remotely. The expl...

8.8CVSS7AI score0.07538EPSS

CVE•added 2022/05/24 2:15 a.m.•50 views

CVE-2022-29377

Totolink A3600R V4.1.2cu.5182_B20201102 was discovered to contain a stacker overflow in the fread function at infostat.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via the parameter CONTENT_LENGTH.

7.5CVSS7.5AI score0.0028EPSS

CVE•added 2024/07/29 3:15 a.m.•49 views

CVE-2024-7178

A vulnerability was found in TOTOLINK A3600R 4.1.2cu.5182_B20201102. It has been declared as critical. Affected by this vulnerability is the function setMacQos of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument priority/macAddress leads to buffer overflow. The attack can be launched...

9CVSS8.9AI score0.00464EPSS

CVE•added 2024/07/29 2:15 a.m.•48 views

CVE-2024-7177

A vulnerability was found in TOTOLINK A3600R 4.1.2cu.5182_B20201102. It has been classified as critical. Affected is the function setLanguageCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument langType leads to buffer overflow. It is possible to launch the attack remotely. The ex...

9CVSS8.9AI score0.01116EPSS

CVE•added 2024/07/29 3:15 a.m.•48 views

CVE-2024-7179

A vulnerability was found in TOTOLINK A3600R 4.1.2cu.5182_B20201102. It has been rated as critical. Affected by this issue is the function setParentalRules of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument startTime/endTime leads to buffer overflow. The attack may be launched remot...

9CVSS8.8AI score0.00544EPSS

CVE•added 2024/07/28 3:15 p.m.•47 views

CVE-2024-7159

A vulnerability was found in TOTOLINK A3600R 4.1.2cu.5182_B20201102. It has been rated as critical. This issue affects some unknown processing of the file /web_cste/cgi-bin/product.ini of the component Telnet Service. The manipulation leads to use of hard-coded password. The exploit has been disclo...

8.8CVSS5.5AI score0.00088EPSS

CVE•added 2024/07/29 1:15 a.m.•45 views

CVE-2024-7175

A vulnerability has been found in TOTOLINK A3600R 4.1.2cu.5182_B20201102 and classified as critical. This vulnerability affects the function setDiagnosisCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument ipDoamin leads to os command injection. The attack can be initiated remotel...

8.8CVSS6.9AI score0.07538EPSS

CVE•added 2024/07/29 4:15 a.m.•45 views

CVE-2024-7181

A vulnerability classified as critical was found in TOTOLINK A3600R 4.1.2cu.5182_B20201102. This vulnerability affects the function setTelnetCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument telnet_enabled leads to command injection. The attack can be initiated remotely. The ex...

8.8CVSS6.9AI score0.07538EPSS

CVE•added 2024/07/29 5:15 a.m.•45 views

CVE-2024-7183

A vulnerability, which was classified as critical, was found in TOTOLINK A3600R 4.1.2cu.5182_B20201102. Affected is the function setUploadSetting of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument FileName leads to buffer overflow. It is possible to launch the attack remotely. The e...

9CVSS7AI score0.00544EPSS

CVE•added 2024/07/29 6:15 a.m.•45 views

CVE-2024-7186

A vulnerability was found in TOTOLINK A3600R 4.1.2cu.5182_B20201102. It has been classified as critical. This affects the function setWiFiAclAddConfig of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument comment leads to buffer overflow. It is possible to initiate the attack remotely....

9CVSS8.8AI score0.00464EPSS

CVE•added 2024/07/29 4:15 a.m.•44 views

CVE-2024-7182

A vulnerability, which was classified as critical, has been found in TOTOLINK A3600R 4.1.2cu.5182_B20201102. This issue affects the function setUpgradeFW of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument FileName leads to buffer overflow. The attack may be initiated remotely. The e...

9CVSS8.9AI score0.00464EPSS

CVE•added 2024/07/29 5:15 a.m.•43 views

CVE-2024-7184

A vulnerability has been found in TOTOLINK A3600R 4.1.2cu.5182_B20201102 and classified as critical. Affected by this vulnerability is the function setUrlFilterRules of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument url leads to buffer overflow. The attack can be launched remotely....

9CVSS7AI score0.00464EPSS

CVE•added 2024/07/29 2:15 a.m.•42 views

CVE-2024-7176

A vulnerability was found in TOTOLINK A3600R 4.1.2cu.5182_B20201102 and classified as critical. This issue affects the function setIpQosRules of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument comment leads to buffer overflow. The attack may be initiated remotely. The exploit has be...

9CVSS8.9AI score0.00558EPSS

CVE•added 2024/07/29 7:15 a.m.•42 views

CVE-2024-7187

A vulnerability was found in TOTOLINK A3600R 4.1.2cu.5182_B20201102. It has been declared as critical. This vulnerability affects the function UploadCustomModule of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument File leads to buffer overflow. The attack can be initiated remotely. T...

9CVSS8.8AI score0.00417EPSS

CVE•added 2024/07/29 12:15 a.m.•41 views

CVE-2024-7174

A vulnerability, which was classified as critical, was found in TOTOLINK A3600R 4.1.2cu.5182_B20201102. This affects the function setdeviceName of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument deviceMac/deviceName leads to buffer overflow. It is possible to initiate the attack rem...

9CVSS8.8AI score0.01195EPSS

CVE•added 2024/07/29 6:15 a.m.•39 views

CVE-2024-7185

A vulnerability was found in TOTOLINK A3600R 4.1.2cu.5182_B20201102 and classified as critical. Affected by this issue is the function setWebWlanIdx of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument webWlanIdx leads to buffer overflow. The attack may be launched remotely. The explo...

9CVSS8.8AI score0.00687EPSS

CVE•added 2024/07/28 11:15 p.m.•37 views

CVE-2024-7172

A vulnerability classified as critical was found in TOTOLINK A3600R 4.1.2cu.5182_B20201102. Affected by this vulnerability is the function getSaveConfig of the file /cgi-bin/cstecgi.cgi?action=save&setting. The manipulation of the argument http_host leads to buffer overflow. The attack can be launc...

9CVSS8.9AI score0.00485EPSS

CVE•added 2024/07/29 3:15 a.m.•37 views

CVE-2024-7180

A vulnerability classified as critical has been found in TOTOLINK A3600R 4.1.2cu.5182_B20201102. This affects the function setPortForwardRules of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument comment leads to buffer overflow. It is possible to initiate the attack remotely. The exp...

9CVSS8.9AI score0.00497EPSS