A950rg Firmware@4.1.2cu.5204 b20210112 Security Vulnerabilities and Issues — A950rg Firmware@4.1.2cu.5204 b20210112 CVE List

Lucene search

TotolinkA950rg Firmware4.1.2cu.5204 b20210112

5 matches found

CVE•added 2022/02/24 3:15 p.m.•206 views

CVE-2022-25082

TOTOLink A950RG V5.9c.4050_B20190424 and V4.1.2cu.5204_B20210112 were discovered to contain a command injection vulnerability in the "Main" function. This vulnerability allows attackers to execute arbitrary commands via the QUERY_STRING parameter.

9.8CVSS10AI score0.85181EPSS

CVE•added 2022/08/29 12:15 a.m.•55 views

CVE-2022-36612

TOTOLINK A950RG V4.1.2cu.5204_B20210112 was discovered to contain a hardcoded password for root at /etc/shadow.sample.

7.8CVSS7.7AI score0.00041EPSS

CVE•added 2025/05/02 5:15 p.m.•47 views

CVE-2025-45800

TOTOLINK A950RG V4.1.2cu.5204_B20210112 contains a command execution vulnerability in the setDeviceName interface of the /lib/cste_modules/global.so library, specifically in the processing of the deviceMac parameter.

9.8CVSS7.2AI score0.0068EPSS

CVE•added 2025/05/08 8:15 p.m.•41 views

CVE-2025-45798

A command execution vulnerability exists in the TOTOLINK A950RG V4.1.2cu.5204_B20210112. The vulnerability is located in the setNoticeCfg interface within the /lib/cste_modules/system.so library, specifically in the processing of the IpTo parameter.

9.8CVSS7.4AI score0.00629EPSS

CVE•added 2025/05/08 8:15 p.m.•39 views

CVE-2025-45797

TOTOlink A950RG V4.1.2cu.5204_B20210112 contains a buffer overflow vulnerability. The vulnerability arises from the improper input validation of the NoticeUrl parameter in the setNoticeCfg interface of /lib/cste_modules/system.so.

9.8CVSS7.7AI score0.00212EPSS