Filtered by vendor Totolink
Subscriptions
Total
640 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-27229 | 1 Totolink | 2 A7100ru, A7100ru Firmware | 2024-08-02 | 9.8 Critical |
| TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the upBw parameter at /setting/setWanIeCfg. | ||||
| CVE-2023-27135 | 1 Totolink | 2 A7100ru, A7100ru Firmware | 2024-08-02 | 9.8 Critical |
| TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the enabled parameter at /setting/setWanIeCfg. | ||||
| CVE-2023-27231 | 1 Totolink | 2 A7100ru, A7100ru Firmware | 2024-08-02 | 9.8 Critical |
| TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the downBw parameter at /setting/setWanIeCfg. | ||||
| CVE-2023-26978 | 1 Totolink | 2 A7100ru, A7100ru Firmware | 2024-08-02 | 9.8 Critical |
| TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the pppoeAcName parameter at /setting/setWanIeCfg. | ||||
| CVE-2023-26848 | 1 Totolink | 2 A7100ru, A7100ru Firmware | 2024-08-02 | 9.8 Critical |
| TOTOlink A7100RU(V7.4cu.2313_B20191024) was discovered to contain a command injection vulnerability via the org parameter at setting/delStaticDhcpRules. | ||||
| CVE-2023-25395 | 1 Totolink | 2 A7100ru, A7100ru Firmware | 2024-08-02 | 9.8 Critical |
| TOTOlink A7100RU V7.4cu.2313_B20191024 router was discovered to contain a command injection vulnerability via the ou parameter at /setting/delStaticDhcpRules. | ||||
| CVE-2023-24238 | 1 Totolink | 2 A7100ru, A7100ru Firmware | 2024-08-02 | 9.8 Critical |
| TOTOlink A7100RU(V7.4cu.2313_B20191024) was discovered to contain a command injection vulnerability via the city parameter at setting/delStaticDhcpRules. | ||||
| CVE-2023-24276 | 1 Totolink | 2 A7100ru, A7100ru Firmware | 2024-08-02 | 9.8 Critical |
| TOTOlink A7100RU(V7.4cu.2313_B20191024) was discovered to contain a command injection vulnerability via the country parameter at setting/delStaticDhcpRules. | ||||
| CVE-2023-24236 | 1 Totolink | 2 A7100ru, A7100ru Firmware | 2024-08-02 | 9.8 Critical |
| TOTOlink A7100RU(V7.4cu.2313_B20191024) was discovered to contain a command injection vulnerability via the province parameter at setting/delStaticDhcpRules. | ||||
| CVE-2023-24142 | 1 Totolink | 2 Ca300-poe, Ca300-poe Firmware | 2024-08-02 | 9.8 Critical |
| TOTOLINK CA300-PoE V6.2c.884 was discovered to contain a command injection vulnerability via the NetDiagPingSize parameter in the setNetworkDiag function. | ||||
| CVE-2023-24143 | 1 Totolink | 2 Ca300-poe, Ca300-poe Firmware | 2024-08-02 | 9.8 Critical |
| TOTOLINK CA300-PoE V6.2c.884 was discovered to contain a command injection vulnerability via the NetDiagTracertHop parameter in the setNetworkDiag function. | ||||
| CVE-2023-24155 | 1 Totolink | 2 T8, T8 Firmware | 2024-08-02 | 9.8 Critical |
| TOTOLINK T8 V4.1.5cu was discovered to contain a hard code password for the telnet service which is stored in the component /web_cste/cgi-bin/product.ini. | ||||
| CVE-2023-24152 | 1 Totolink | 2 T8, T8 Firmware | 2024-08-02 | 9.8 Critical |
| A command injection vulnerability in the serverIp parameter in the function meshSlaveUpdate of TOTOLINK T8 V4.1.5cu allows attackers to execute arbitrary commands via a crafted MQTT packet. | ||||
| CVE-2023-24184 | 1 Totolink | 2 A7100ru, A7100ru Firmware | 2024-08-02 | 9.8 Critical |
| TOTOLink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability. | ||||
| CVE-2023-24146 | 1 Totolink | 2 Ca300-poe, Ca300-poe Firmware | 2024-08-02 | 9.8 Critical |
| TOTOLINK CA300-PoE V6.2c.884 was discovered to contain a command injection vulnerability via the minute parameter in the setRebootScheCfg function. | ||||
| CVE-2023-24157 | 1 Totolink | 2 T8, T8 Firmware | 2024-08-02 | 9.8 Critical |
| A command injection vulnerability in the serverIp parameter in the function updateWifiInfo of TOTOLINK T8 V4.1.5cu allows attackers to execute arbitrary commands via a crafted MQTT packet. | ||||
| CVE-2023-24161 | 1 Totolink | 2 Ca300-poe, Ca300-poe Firmware | 2024-08-02 | 9.8 Critical |
| TOTOLINK CA300-PoE V6.2c.884 was discovered to contain a command injection vulnerability via the webWlanIdx parameter in the setWebWlanIdx function. | ||||
| CVE-2023-24148 | 1 Totolink | 2 Ca300-poe, Ca300-poe Firmware | 2024-08-02 | 9.8 Critical |
| TOTOLINK CA300-PoE V6.2c.884 was discovered to contain a command injection vulnerability via the FileName parameter in the setUploadUserData function. | ||||
| CVE-2023-24138 | 1 Totolink | 2 Ca300-poe, Ca300-poe Firmware | 2024-08-02 | 9.8 Critical |
| TOTOLINK CA300-PoE V6.2c.884 was discovered to contain a command injection vulnerability via the host_time parameter in the NTPSyncWithHost function. | ||||
| CVE-2023-24147 | 1 Totolink | 2 Ca300-poe, Ca300-poe Firmware | 2024-08-02 | 7.5 High |
| TOTOLINK CA300-PoE V6.2c.884 was discovered to contain a hard code password for the telnet service which is stored in the component /etc/config/product.ini. | ||||