A3700r Firmware Security Vulnerabilities and Issues — A3700r Firmware CVE List

Lucene search

TotolinkA3700r Firmware

17 matches found

CVE•added 2023/10/25 6:17 p.m.•82 views

CVE-2023-46574

An issue in TOTOLINK A3700R v.9.1.2u.6165_20211012 allows a remote attacker to execute arbitrary code via the FileName parameter of the UploadFirmwareFile function.

9.8CVSS9.6AI score0.94049EPSS

CVE•added 2024/08/12 6:15 p.m.•55 views

CVE-2024-42545

TOTOLINK A3700R v9.1.2u.5822_B20200513 has a buffer overflow vulnerability in the ssid parameter in setWizardCfg function.

9.8CVSS7.5AI score0.00583EPSS

CVE•added 2024/06/13 7:15 p.m.•47 views

CVE-2024-37632

TOTOLINK A3700R V9.1.2u.6165_20211012 was discovered to contain a stack overflow via the password parameter in function loginAuth .

9.8CVSS8.1AI score0.0055EPSS

CVE•added 2024/08/12 6:15 p.m.•45 views

CVE-2024-42543

TOTOLINK A3700R v9.1.2u.5822_B20200513 has a buffer overflow vulnerability in the http_host parameter in the loginauth function.

9.8CVSS7.5AI score0.00638EPSS

CVE•added 2024/06/13 7:15 p.m.•43 views

CVE-2024-37635

TOTOLINK A3700R V9.1.2u.6165_20211012 was discovered to contain a stack overflow via ssid in the function setWiFiBasicCfg

9.8CVSS7.9AI score0.01814EPSS

CVE•added 2024/06/14 2:15 p.m.•43 views

CVE-2024-37637

TOTOLINK A3700R V9.1.2u.6165_20211012 was discovered to contain a stack overflow via ssid5g in the function setWizardCfg.

9.8CVSS7.9AI score0.00109EPSS

CVE•added 2023/09/25 4:15 p.m.•42 views

CVE-2023-43141

TOTOLINK A3700R V9.1.2u.6134_B20201202 and N600R V5.3c.5137 are vulnerable to Incorrect Access Control.

9.8CVSS9.3AI score0.00074EPSS

CVE•added 2024/01/11 9:15 a.m.•40 views

CVE-2023-52029

TOTOlink A3700R v9.1.2u.5822_B20200513 was discovered to contain a remote command execution (RCE) vulnerability via the setDiagnosisCfg function.

9.8CVSS9.7AI score0.1549EPSS

CVE•added 2024/06/13 7:15 p.m.•38 views

CVE-2024-37634

TOTOLINK A3700R V9.1.2u.6165_20211012 was discovered to contain a stack overflow via ssid in the function setWiFiEasyCfg.

9.8CVSS7.9AI score0.00203EPSS

CVE•added 2024/01/11 9:15 a.m.•32 views

CVE-2023-52030

TOTOlink A3700R v9.1.2u.5822_B20200513 was discovered to contain a remote command execution (RCE) vulnerability via the setOpModeCfg function.

9.8CVSS9.7AI score0.14816EPSS

CVE•added 2024/01/23 3:15 p.m.•32 views

CVE-2024-22663

TOTOLINK_A3700R_V9.1.2u.6165_20211012has a command Injection vulnerability via setOpModeCfg

9.8CVSS9.6AI score0.04762EPSS

CVE•added 2023/12/22 7:15 p.m.•31 views

CVE-2023-50147

There is an arbitrary command execution vulnerability in the setDiagnosisCfg function of the cstecgi .cgi of the TOTOlink A3700R router device in its firmware version V9.1.2u.5822_B20200513.

9.8CVSS9.5AI score0.01187EPSS

CVE•added 2024/01/11 9:15 a.m.•31 views

CVE-2023-52027

TOTOlink A3700R v9.1.2u.5822_B20200513 was discovered to contain a remote command execution (RCE) vulnerability via the NTPSyncWithHost function.

9.8CVSS9.6AI score0.1549EPSS

CVE•added 2024/01/23 3:15 p.m.•31 views

CVE-2024-22662

TOTOLINK A3700R_V9.1.2u.6165_20211012 has a stack overflow vulnerability via setParentalRules

9.8CVSS9.5AI score0.01244EPSS

CVE•added 2024/01/11 9:15 a.m.•29 views

CVE-2023-52031

TOTOlink A3700R v9.1.2u.5822_B20200513 was discovered to contain a remote command execution (RCE) vulnerability via the UploadFirmwareFile function.

9.8CVSS9.7AI score0.14816EPSS

CVE•added 2024/01/23 3:15 p.m.•29 views

CVE-2024-22660

TOTOLINK_A3700R_V9.1.2u.6165_20211012has a stack overflow vulnerability via setLanguageCfg

9.8CVSS9.5AI score0.01244EPSS

CVE•added 2024/01/11 9:15 a.m.•25 views

CVE-2023-52028

TOTOlink A3700R v9.1.2u.5822_B20200513 was discovered to contain a remote command execution (RCE) vulnerability via the setTracerouteCfg function.

9.8CVSS9.6AI score0.15837EPSS