A7100ru Firmware Security Vulnerabilities and Issues — A7100ru Firmware CVE List

Lucene search

TotolinkA7100ru Firmware

23 matches found

CVE•added 2023/02/06 3:15 p.m.•62 views

CVE-2023-24276

TOTOlink A7100RU(V7.4cu.2313_B20191024) was discovered to contain a command injection vulnerability via the country parameter at setting/delStaticDhcpRules.

9.8CVSS9.7AI score0.01454EPSS

CVE•added 2023/04/07 4:15 a.m.•61 views

CVE-2023-26978

TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the pppoeAcName parameter at /setting/setWanIeCfg.

9.8CVSS9.7AI score0.01454EPSS

CVE•added 2023/03/08 2:15 p.m.•60 views

CVE-2023-25395

TOTOlink A7100RU V7.4cu.2313_B20191024 router was discovered to contain a command injection vulnerability via the ou parameter at /setting/delStaticDhcpRules.

9.8CVSS9.7AI score0.01579EPSS

CVE•added 2023/01/20 3:15 p.m.•56 views

CVE-2022-48124

TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the FileName parameter in the setting/setOpenVpnCertGenerationCfg function.

9.8CVSS9.7AI score0.01454EPSS

CVE•added 2023/02/16 3:15 p.m.•55 views

CVE-2023-24236

TOTOlink A7100RU(V7.4cu.2313_B20191024) was discovered to contain a command injection vulnerability via the province parameter at setting/delStaticDhcpRules.

9.8CVSS9.7AI score0.01579EPSS

CVE•added 2023/03/28 11:15 p.m.•53 views

CVE-2023-27232

TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the wanStrategy parameter at /setting/setWanIeCfg.

9.8CVSS9.7AI score0.01579EPSS

CVE•added 2023/01/17 7:15 p.m.•52 views

CVE-2022-47853

TOTOlink A7100RU V7.4cu.2313_B20191024 is vulnerable to Command Injection Vulnerability in the httpd service. An attacker can obtain a stable root shell through a specially constructed payload.

9.8CVSS9.4AI score0.01454EPSS

CVE•added 2023/01/20 3:15 p.m.•51 views

CVE-2022-48123

TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the servername parameter in the setting/delStaticDhcpRules function.

9.8CVSS9.7AI score0.01454EPSS

CVE•added 2023/02/21 3:15 p.m.•49 views

CVE-2023-24184

TOTOLink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability.

9.8CVSS9.7AI score0.00277EPSS

CVE•added 2023/03/23 3:15 p.m.•49 views

CVE-2023-27135

TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the enabled parameter at /setting/setWanIeCfg.

9.8CVSS9.7AI score0.02052EPSS

CVE•added 2023/03/28 10:15 p.m.•47 views

CVE-2023-27229

TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the upBw parameter at /setting/setWanIeCfg.

9.8CVSS9.7AI score0.06655EPSS

CVE•added 2023/05/05 3:15 p.m.•47 views

CVE-2023-30053

TOTOLINK A7100RU V7.4cu.2313_B20191024 is vulnerable to Command Injection.

9.8CVSS9.4AI score0.04124EPSS

CVE•added 2023/01/20 3:15 p.m.•44 views

CVE-2022-48121

TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the rsabits parameter in the setting/delStaticDhcpRules function.

9.8CVSS9.7AI score0.01454EPSS

CVE•added 2023/06/07 9:15 p.m.•42 views

CVE-2023-33556

TOTOLink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the staticGw parameter at /setting/setWanIeCfg.

9.8CVSS9.7AI score0.01454EPSS

CVE•added 2023/01/20 3:15 p.m.•41 views

CVE-2022-48122

TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the dayvalid parameter in the setting/delStaticDhcpRules function.

9.8CVSS9.7AI score0.01454EPSS

CVE•added 2023/05/05 3:15 p.m.•40 views

CVE-2023-30054

TOTOLINK A7100RU V7.4cu.2313_B20191024 has a Command Injection vulnerability. An attacker can obtain a stable root shell through a specially constructed payload.

9.8CVSS9.6AI score0.04124EPSS

CVE•added 2023/01/20 3:15 p.m.•39 views

CVE-2022-48125

TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the password parameter in the setting/setOpenVpnCertGenerationCfg function.

9.8CVSS9.8AI score0.01454EPSS

CVE•added 2023/01/20 3:15 p.m.•38 views

CVE-2022-48126

TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the username parameter in the setting/setOpenVpnCertGenerationCfg function.

9.8CVSS9.7AI score0.01454EPSS

CVE•added 2023/12/25 1:15 a.m.•38 views

CVE-2023-7095

A vulnerability, which was classified as critical, has been found in Totolink A7100RU 7.4cu.2313_B20191024. Affected by this issue is the function main of the file /cgi-bin/cstecgi.cgi?action=login of the component HTTP POST Request Handler. The manipulation of the argument flag leads to buffer ove...

10CVSS9.7AI score0.09333EPSS

CVE•added 2023/02/16 3:15 p.m.•37 views

CVE-2023-24238

TOTOlink A7100RU(V7.4cu.2313_B20191024) was discovered to contain a command injection vulnerability via the city parameter at setting/delStaticDhcpRules.

9.8CVSS9.7AI score0.01579EPSS

CVE•added 2023/03/28 10:15 p.m.•37 views

CVE-2023-27231

TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the downBw parameter at /setting/setWanIeCfg.

9.8CVSS9.7AI score0.03195EPSS

CVE•added 2023/12/18 4:15 a.m.•36 views

CVE-2023-6906

A vulnerability, which was classified as critical, was found in Totolink A7100RU 7.4cu.2313_B20191024. Affected is the function main of the file /cgi-bin/cstecgi.cgi?action=login of the component HTTP POST Request Handler. The manipulation of the argument flag with the input ie8 leads to buffer ove...

10CVSS9.8AI score0.00117EPSS

CVE•added 2023/04/07 3:15 a.m.•35 views

CVE-2023-26848

TOTOlink A7100RU(V7.4cu.2313_B20191024) was discovered to contain a command injection vulnerability via the org parameter at setting/delStaticDhcpRules.

9.8CVSS9.7AI score0.01454EPSS