Lr350 Firmware@9.3.5u.6369 b20220309 Security Vulnerabilities and Issues — Lr350 Firmware@9.3.5u.6369 b20220309 CVE List

Lucene search

TotolinkLr350 Firmware9.3.5u.6369 b20220309

6 matches found

CVE•added 2024/06/03 8:15 p.m.•56 views

CVE-2024-36783

TOTOLINK LR350 V9.3.5u.6369_B20220309 was discovered to contain a command injection via the host_time parameter in the NTPSyncWithHost function.

9.8CVSS8.2AI score0.00128EPSS

CVE•added 2024/07/30 3:15 a.m.•51 views

CVE-2024-7214

A vulnerability has been found in TOTOLINK LR350 9.3.5u.6369_B20220309 and classified as critical. Affected by this vulnerability is the function setWanCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument hostName leads to command injection. The attack can be launched remotely. Th...

8.8CVSS6.9AI score0.07451EPSS

CVE•added 2024/05/24 6:15 p.m.•43 views

CVE-2024-35387

TOTOLINK LR350 V9.3.5u.6369_B20220309 was discovered to contain a stack overflow via the http_host parameter in the function loginAuth.

9.8CVSS7.8AI score0.08155EPSS

CVE•added 2024/11/01 12:15 p.m.•42 views

CVE-2024-10654

A vulnerability has been found in TOTOLINK LR350 up to 9.3.5u.6369 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /formLoginAuth.htm. The manipulation of the argument authCode with the input 1 leads to authorization bypass. The attack can be launc...

9.1CVSS5.3AI score0.00976EPSS

CVE•added 2024/08/15 5:15 p.m.•42 views

CVE-2024-42967

Incorrect access control in TOTOLINK LR350 V9.3.5u.6369_B20220309 allows attackers to obtain the apmib configuration file, which contains the username and the password, via a crafted request to /cgi-bin/ExportSettings.sh.

9.8CVSS6.8AI score0.00261EPSS

CVE•added 2024/05/14 3:38 p.m.•23 views

CVE-2024-34308

TOTOLINK LR350 V9.3.5u.6369_B20220309 was discovered to contain a stack overflow via the password parameter in the function urldecode.

8.8CVSS8AI score0.00144EPSS