A720r Firmware@4.1.5cu.470 b20200911 Security Vulnerabilities and Issues — A720r Firmware@4.1.5cu.470 b20200911 CVE List

Lucene search

TotolinkA720r Firmware4.1.5cu.470 b20200911

13 matches found

CVE•added 2022/03/31 12:15 a.m.•80 views

CVE-2021-43662

totolink EX300_v2, ver V4.0.3c.140_B20210429 and A720R ,ver V4.1.5cu.470_B20200911 have an issue which causes uncontrolled resource consumption.

6.5CVSS6.5AI score0.00084EPSS

CVE•added 2021/04/14 6:15 p.m.•67 views

CVE-2021-27710

Command Injection in TOTOLINK X5000R router with firmware v9.1.0u.6118_B20201102, and TOTOLINK A720R router with firmware v4.1.5cu.470_B20200911 allows remote attackers to execute arbitrary OS commands by sending a modified HTTP request. This occurs because the function executes glibc's system func...

10CVSS9.9AI score0.2015EPSS

CVE•added 2021/08/05 9:15 p.m.•57 views

CVE-2021-35325

A stack overflow in the checkLoginUser function of TOTOLINK A720R A720R_Firmware v4.1.5cu.470_B20200911 allows attackers to cause a denial of service (DOS).

7.5CVSS7.5AI score0.03131EPSS

CVE•added 2021/08/05 9:15 p.m.•57 views

CVE-2021-35327

A vulnerability in TOTOLINK A720R A720R_Firmware v4.1.5cu.470_B20200911 allows attackers to start the Telnet service, then login with the default credentials via a crafted POST request.

9.8CVSS9.2AI score0.00443EPSS

CVE•added 2021/08/05 9:15 p.m.•56 views

CVE-2021-35326

A vulnerability in TOTOLINK A720R router with firmware v4.1.5cu.470_B20200911 allows attackers to download the configuration file via sending a crafted HTTP request.

7.5CVSS7.4AI score0.04092EPSS

CVE•added 2022/02/04 2:15 a.m.•54 views

CVE-2021-44247

Totolink devices A3100R v4.1.2cu.5050_B20200504, A830R v5.9c.4729_B20191112, and A720R v4.1.5cu.470_B20200911 were discovered to contain command injection vulnerability in the function setNoticeCfg. This vulnerability allows attackers to execute arbitrary commands via the IpFrom parameter.

9.8CVSS10AI score0.27117EPSS

CVE•added 2021/08/05 9:15 p.m.•53 views

CVE-2021-35324

A vulnerability in the Form_Login function of TOTOLINK A720R A720R_Firmware V4.1.5cu.470_B20200911 allows attackers to bypass authentication.

9.8CVSS9.3AI score0.00756EPSS

CVE•added 2022/02/04 2:15 a.m.•53 views

CVE-2021-44246

Totolink devices A3100R v4.1.2cu.5050_B20200504, A830R v5.9c.4729_B20191112, and A720R v4.1.5cu.470_B20200911 were discovered to contain a stack overflow in the function setNoticeCfg. This vulnerability allows attackers to cause a Denial of Service (DoS) via the IpTo parameter.

7.8CVSS7.7AI score0.00386EPSS

CVE•added 2022/02/04 2:15 a.m.•47 views

CVE-2021-45740

TOTOLINK A720R v4.1.5cu.470_B20200911 was discovered to contain a stack overflow in the setWiFiWpsStart function. This vulnerability allows attackers to cause a Denial of Service (DoS) via the pin parameter.

9.8CVSS9.5AI score0.00528EPSS

CVE•added 2022/02/04 2:15 a.m.•46 views

CVE-2021-45737

TOTOLINK A720R v4.1.5cu.470_B20200911 was discovered to contain a stack overflow in the Form_Login function. This vulnerability allows attackers to cause a Denial of Service (DoS) via the Host parameter.

7.8CVSS7.6AI score0.00386EPSS

CVE•added 2022/02/04 2:15 a.m.•44 views

CVE-2021-45739

7.8CVSS7.6AI score0.00386EPSS

CVE•added 2022/02/04 2:15 a.m.•44 views

CVE-2021-45742

TOTOLINK A720R v4.1.5cu.470_B20200911 was discovered to contain a command injection vulnerability in the "Main" function. This vulnerability allows attackers to execute arbitrary commands via the QUERY_STRING parameter.

10CVSS9.9AI score0.20865EPSS

CVE•added 2021/04/14 4:15 p.m.•39 views

CVE-2021-27708

10CVSS9.9AI score0.2015EPSS