Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
TotolinkLr350 Firmware

14 matches found

CVE
CVEadded 2023/07/07 2:15 p.m.130 views

CVE-2023-37148

TOTOLINK LR350 V9.3.5u.6369_B20220309 was discovered to contain a command injection vulnerability via the ussd parameter in the setUssd function.

9.8CVSS9.7AI score0.01454EPSS
CVE
CVEadded 2024/05/14 3:39 p.m.59 views

CVE-2024-35099

TOTOLINK LR350 V9.3.5u.6698_B20230810 was discovered to contain a stack overflow via the password parameter in the function loginAuth.

9.8CVSS8AI score0.00223EPSS
CVE
CVEadded 2024/06/03 8:15 p.m.56 views

CVE-2024-36783

TOTOLINK LR350 V9.3.5u.6369_B20220309 was discovered to contain a command injection via the host_time parameter in the NTPSyncWithHost function.

9.8CVSS8.2AI score0.00128EPSS
CVE
CVEadded 2022/11/23 4:15 p.m.50 views

CVE-2022-44252

TOTOLINK NR1800X V9.1.0u.6279_B20210910 contains a command injection via the FileName parameter in the setUploadSetting function.

9.8CVSS9.6AI score0.01454EPSS
CVE
CVEadded 2022/11/23 4:15 p.m.48 views

CVE-2022-44250

TOTOLINK NR1800X V9.1.0u.6279_B20210910 contains a command injection via the hostName parameter in the setOpModeCfg function.

9.8CVSS9.6AI score0.01454EPSS
CVE
CVEadded 2022/11/23 4:15 p.m.45 views

CVE-2022-44255

TOTOLINK LR350 V9.3.5u.6369_B20220309 contains a pre-authentication buffer overflow in the main function via long post data.

9.8CVSS9.6AI score0.0017EPSS
CVE
CVEadded 2022/11/23 4:15 p.m.43 views

CVE-2022-44249

TOTOLINK NR1800X V9.1.0u.6279_B20210910 contains a command injection via the FileName parameter in the UploadFirmwareFile function.

9.8CVSS9.6AI score0.01454EPSS
CVE
CVEadded 2024/05/24 6:15 p.m.43 views

CVE-2024-35387

TOTOLINK LR350 V9.3.5u.6369_B20220309 was discovered to contain a stack overflow via the http_host parameter in the function loginAuth.

9.8CVSS7.8AI score0.08155EPSS
CVE
CVEadded 2024/11/01 12:15 p.m.42 views

CVE-2024-10654

A vulnerability has been found in TOTOLINK LR350 up to 9.3.5u.6369 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /formLoginAuth.htm. The manipulation of the argument authCode with the input 1 leads to authorization bypass. The attack can be launc...

9.1CVSS5.3AI score0.00976EPSS
CVE
CVEadded 2024/08/15 5:15 p.m.42 views

CVE-2024-42967

Incorrect access control in TOTOLINK LR350 V9.3.5u.6369_B20220309 allows attackers to obtain the apmib configuration file, which contains the username and the password, via a crafted request to /cgi-bin/ExportSettings.sh.

9.8CVSS6.8AI score0.00261EPSS
CVE
CVEadded 2022/11/23 4:15 p.m.41 views

CVE-2022-44251

TOTOLINK NR1800X V9.1.0u.6279_B20210910 contains a command injection via the ussd parameter in the setUssd function.

9.8CVSS9.6AI score0.01454EPSS
CVE
CVEadded 2023/07/07 2:15 p.m.35 views

CVE-2023-37146

TOTOLINK LR350 V9.3.5u.6369_B20220309 was discovered to contain a command injection vulnerability via the FileName parameter in the UploadFirmwareFile function.

9.8CVSS9.7AI score0.01454EPSS
CVE
CVEadded 2023/07/07 2:15 p.m.33 views

CVE-2023-37145

TOTOLINK LR350 V9.3.5u.6369_B20220309 was discovered to contain a command injection vulnerability via the hostname parameter in the setOpModeCfg function.

9.8CVSS9.7AI score0.01454EPSS
CVE
CVEadded 2023/07/07 2:15 p.m.30 views

CVE-2023-37149

TOTOLINK LR350 V9.3.5u.6369_B20220309 was discovered to contain a command injection vulnerability via the FileName parameter in the setUploadSetting function.

9.8CVSS9.7AI score0.01454EPSS