A3700r Firmware Security Vulnerabilities and Issues — A3700r Firmware CVE List

Lucene search

TotolinkA3700r Firmware

12 matches found

CVE•added 2022/08/25 2:15 p.m.•46 views

CVE-2022-36461

TOTOLINK A3700R V9.1.2u.6134_B20201202 was discovered to contain a command injection vulnerability via the hostName parameter in the function setOpModeCfg.

7.8CVSS7.8AI score0.00242EPSS

CVE•added 2022/08/25 2:15 p.m.•45 views

CVE-2022-36462

TOTOLINK A3700R V9.1.2u.6134_B20201202 was discovered to contain a stack overflow via the lang parameter in the function setLanguageCfg.

7.8CVSS7.8AI score0.00117EPSS

CVE•added 2022/08/25 2:15 p.m.•45 views

CVE-2022-36466

TOTOLINK A3700R V9.1.2u.6134_B20201202 was discovered to contain a stack overflow via the ip parameter in the function setDiagnosisCfg.

7.8CVSS7.8AI score0.00173EPSS

CVE•added 2024/07/28 11:15 a.m.•45 views

CVE-2024-7156

A vulnerability was found in TOTOLINK A3700R 9.1.2u.5822_B20200513 and classified as problematic. Affected by this issue is some unknown functionality of the file /cgi-bin/ExportSettings.sh of the component apmib Configuration Handler. The manipulation leads to information disclosure. The attack ma...

7.5CVSS5.1AI score0.00718EPSS

CVE•added 2022/08/25 2:15 p.m.•44 views

CVE-2022-36464

TOTOLINK A3700R V9.1.2u.6134_B20201202 was discovered to contain a stack overflow via the sPort parameter in the function setIpPortFilterRules.

7.8CVSS7.8AI score0.00094EPSS

CVE•added 2022/08/25 2:15 p.m.•43 views

CVE-2022-36459

TOTOLINK A3700R V9.1.2u.6134_B20201202 was discovered to contain a command injection vulnerability via the host_time parameter in the function NTPSyncWithHost.

7.8CVSS7.8AI score0.00242EPSS

CVE•added 2022/08/25 2:15 p.m.•42 views

CVE-2022-36458

TOTOLINK A3700R V9.1.2u.6134_B20201202 was discovered to contain a command injection vulnerability via the command parameter in the function setTracerouteCfg.

7.8CVSS7.8AI score0.00242EPSS

CVE•added 2022/08/25 2:15 p.m.•41 views

CVE-2022-36465

TOTOLINK A3700R V9.1.2u.6134_B20201202 was discovered to contain a stack overflow via the pppoeUser parameter.

7.8CVSS7.8AI score0.00098EPSS

CVE•added 2022/08/25 2:15 p.m.•40 views

CVE-2022-36460

TOTOLINK A3700R V9.1.2u.6134_B20201202 was discovered to contain a command injection vulnerability via the FileName parameter in the function UploadFirmwareFile.

7.8CVSS7.8AI score0.00242EPSS

CVE•added 2023/11/20 10:15 p.m.•37 views

CVE-2023-48192

An issue in TOTOlink A3700R v.9.1.2u.6134_B20201202 allows a local attacker to execute arbitrary code via the setTracerouteCfg function.

7.8CVSS7.7AI score0.00111EPSS

CVE•added 2024/07/28 10:15 a.m.•36 views

CVE-2024-7154

A vulnerability, which was classified as problematic, was found in TOTOLINK A3700R 9.1.2u.5822_B20200513. Affected is an unknown function of the file /wizard.html of the component Password Reset Handler. The manipulation leads to improper access controls. It is possible to launch the attack remotel...

7.5CVSS4.7AI score0.00084EPSS

CVE•added 2022/08/25 2:15 p.m.•29 views

CVE-2022-36463

TOTOLINK A3700R V9.1.2u.6134_B20201202 was discovered to contain a stack overflow via the command parameter in the function setTracerouteCfg.

7.8CVSS7.8AI score0.00063EPSS