A950rg Firmware Security Vulnerabilities and Issues — A950rg Firmware CVE List

Lucene search

TotolinkA950rg Firmware

16 matches found

CVE•added 2022/03/15 10:15 p.m.•265 views

CVE-2022-26210

Totolink A830R V5.9c.4729_B20191112, A3100R V4.1.2cu.5050_B20200504, A950RG V4.1.2cu.5161_B20200903, A800R V4.1.2cu.5137_B20200730, A3000RU V5.9c.5185_B20201128, and A810R V4.1.2cu.5182_B20201026 were discovered to contain a command injection vulnerability in the function setUpgradeFW, via the File...

9.8CVSS9.9AI score0.07432EPSS

CVE•added 2022/02/24 3:15 p.m.•188 views

CVE-2022-25082

TOTOLink A950RG V5.9c.4050_B20190424 and V4.1.2cu.5204_B20210112 were discovered to contain a command injection vulnerability in the "Main" function. This vulnerability allows attackers to execute arbitrary commands via the QUERY_STRING parameter.

9.8CVSS10AI score0.85181EPSS

CVE•added 2022/03/15 10:15 p.m.•120 views

CVE-2022-26207

9.8CVSS9.9AI score0.17828EPSS

CVE•added 2022/03/15 10:15 p.m.•96 views

CVE-2022-26209

9.8CVSS9.9AI score0.17828EPSS

CVE•added 2022/03/15 10:15 p.m.•95 views

CVE-2022-26212

9.8CVSS9.9AI score0.17828EPSS

CVE•added 2022/03/15 10:15 p.m.•85 views

CVE-2022-26211

9.8CVSS9.9AI score0.17828EPSS

CVE•added 2022/03/15 10:15 p.m.•82 views

CVE-2022-26208

9.8CVSS9.9AI score0.17828EPSS

CVE•added 2022/03/15 10:15 p.m.•78 views

CVE-2022-26206

9.8CVSS9.9AI score0.17828EPSS

CVE•added 2022/03/15 10:15 p.m.•74 views

CVE-2022-26214

9.8CVSS10AI score0.27117EPSS

CVE•added 2025/04/22 2:15 p.m.•55 views

CVE-2025-28034

TOTOLINK A800R V4.1.2cu.5137_B20200730, A810R V4.1.2cu.5182_B20201026, A830R V4.1.2cu.5182_B20201102, A950RG V4.1.2cu.5161_B20200903, A3000RU V5.9c.5185_B20201128, and A3100R V4.1.2cu.5247_B20211129 were found to contain a pre-auth remote command execution vulnerability in the NTPSyncWithHost funct...

9.8CVSS7.6AI score0.03659EPSS

CVE•added 2025/04/22 4:15 p.m.•50 views

CVE-2025-28037

TOTOLINK A810R V4.1.2cu.5182_B20201026 and A950RG V4.1.2cu.5161_B20200903 were found to contain a pre-auth remote command execution vulnerability in the setDiagnosisCfg function through the ipDomain parameter.

9.8CVSS7.6AI score0.04334EPSS

CVE•added 2025/05/02 5:15 p.m.•47 views

CVE-2025-45800

TOTOLINK A950RG V4.1.2cu.5204_B20210112 contains a command execution vulnerability in the setDeviceName interface of the /lib/cste_modules/global.so library, specifically in the processing of the deviceMac parameter.

9.8CVSS7.2AI score0.0068EPSS

CVE•added 2025/04/22 6:15 p.m.•41 views

CVE-2025-28036

TOTOLINK A950RG V4.1.2cu.5161_B20200903 was found to contain a pre-auth remote command execution vulnerability in the setNoticeCfg function through the NoticeUrl parameter.

9.8CVSS7.6AI score0.03659EPSS

CVE•added 2025/05/08 8:15 p.m.•41 views

CVE-2025-45798

A command execution vulnerability exists in the TOTOLINK A950RG V4.1.2cu.5204_B20210112. The vulnerability is located in the setNoticeCfg interface within the /lib/cste_modules/system.so library, specifically in the processing of the IpTo parameter.

9.8CVSS7.4AI score0.00629EPSS

CVE•added 2025/04/22 6:15 p.m.•39 views

CVE-2025-28035

TOTOLINK A830R V4.1.2cu.5182_B20201102 was found to contain a pre-auth remote command execution vulnerability in the setNoticeCfg function through the NoticeUrl parameter.

9.8CVSS7.6AI score0.03659EPSS

CVE•added 2025/05/08 8:15 p.m.•38 views

CVE-2025-45797

TOTOlink A950RG V4.1.2cu.5204_B20210112 contains a buffer overflow vulnerability. The vulnerability arises from the improper input validation of the NoticeUrl parameter in the setNoticeCfg interface of /lib/cste_modules/system.so.

9.8CVSS7.7AI score0.00212EPSS