Filtered by vendor Totolink
Subscriptions
Filtered by product T6
Subscriptions
Total
25 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-38827 | 1 Totolink | 2 T6, T6 Firmware | 2024-08-03 | 9.8 Critical |
| TOTOLINK T6 V4.1.5cu.709_B20210518 is vulnerable to Buffer Overflow via cstecgi.cgi | ||||
| CVE-2022-38828 | 1 Totolink | 2 T6, T6 Firmware | 2024-08-03 | 9.8 Critical |
| TOTOLINK T6 V4.1.5cu.709_B20210518 is vulnerable to command injection via cstecgi.cgi | ||||
| CVE-2022-38823 | 1 Totolink | 2 T6, T6 Firmware | 2024-08-03 | 9.8 Critical |
| In TOTOLINK T6 V4.1.5cu.709_B20210518, there is a hard coded password for root in /etc/shadow.sample. | ||||
| CVE-2022-38826 | 1 Totolink | 2 T6, T6 Firmware | 2024-08-03 | 9.8 Critical |
| In TOTOLINK T6 V4.1.5cu.709_B20210518, there is an execute arbitrary command in cstecgi.cgi. | ||||
| CVE-2022-32051 | 1 Totolink | 2 T6, T6 Firmware | 2024-08-03 | 7.5 High |
| TOTOLINK T6 V4.1.9cu.5179_B20201015 was discovered to contain a stack overflow via the desc, week, sTime, eTime parameters in the function FUN_004133c4. | ||||
| CVE-2022-32044 | 1 Totolink | 2 T6, T6 Firmware | 2024-08-03 | 7.5 High |
| TOTOLINK T6 V4.1.9cu.5179_B20201015 was discovered to contain a stack overflow via the password parameter in the function FUN_00413f80. | ||||
| CVE-2022-32052 | 1 Totolink | 2 T6, T6 Firmware | 2024-08-03 | 7.5 High |
| TOTOLINK T6 V4.1.9cu.5179_B20201015 was discovered to contain a stack overflow via the desc parameter in the function FUN_004137a4. | ||||
| CVE-2022-32050 | 1 Totolink | 2 T6, T6 Firmware | 2024-08-03 | 7.5 High |
| TOTOLINK T6 V4.1.9cu.5179_B20201015 was discovered to contain a stack overflow via the cloneMac parameter in the function FUN_0041af40. | ||||
| CVE-2022-32046 | 1 Totolink | 2 T6, T6 Firmware | 2024-08-03 | 7.5 High |
| TOTOLINK T6 V4.1.9cu.5179_B20201015 was discovered to contain a stack overflow via the desc parameter in the function FUN_0041880c. | ||||
| CVE-2022-32053 | 1 Totolink | 2 T6, T6 Firmware | 2024-08-03 | 7.5 High |
| TOTOLINK T6 V4.1.9cu.5179_B20201015 was discovered to contain a stack overflow via the cloneMac parameter in the function FUN_0041621c. | ||||
| CVE-2022-32048 | 1 Totolink | 2 T6, T6 Firmware | 2024-08-03 | 7.5 High |
| TOTOLINK T6 V4.1.9cu.5179_B20201015 was discovered to contain a stack overflow via the command parameter in the function FUN_0041cc88. | ||||
| CVE-2022-32049 | 1 Totolink | 2 T6, T6 Firmware | 2024-08-03 | 7.5 High |
| TOTOLINK T6 V4.1.9cu.5179_B20201015 was discovered to contain a stack overflow via the url parameter in the function FUN_00418540. | ||||
| CVE-2022-32045 | 1 Totolink | 2 T6, T6 Firmware | 2024-08-03 | 7.5 High |
| TOTOLINK T6 V4.1.9cu.5179_B20201015 was discovered to contain a stack overflow via the desc parameter in the function FUN_00413be4. | ||||
| CVE-2022-32047 | 1 Totolink | 2 T6, T6 Firmware | 2024-08-03 | 7.5 High |
| TOTOLINK T6 V4.1.9cu.5179_B20201015 was discovered to contain a stack overflow via the desc parameter in the function FUN_00412ef4. | ||||
| CVE-2022-25132 | 1 Totolink | 4 T10, T10 Firmware, T6 and 1 more | 2024-08-03 | 9.8 Critical |
| A command injection vulnerability in the function meshSlaveDlfw of TOTOLINK Technology router T6 V3_Firmware T6_V3_V4.1.5cu.748_B20211015 allows attackers to execute arbitrary commands via a crafted MQTT packet. | ||||
| CVE-2022-25135 | 1 Totolink | 2 T6, T6 Firmware | 2024-08-03 | 9.8 Critical |
| A command injection vulnerability in the function recv_mesh_info_sync of TOTOLINK Technology router T6 V3_Firmware T6_V3_V4.1.5cu.748_B20211015 allows attackers to execute arbitrary commands via a crafted MQTT packet. | ||||
| CVE-2022-25084 | 1 Totolink | 2 T6, T6 Firmware | 2024-08-03 | 9.8 Critical |
| TOTOLink T6 V5.9c.4085_B20190428 was discovered to contain a command injection vulnerability in the "Main" function. This vulnerability allows attackers to execute arbitrary commands via the QUERY_STRING parameter. | ||||
| CVE-2022-25133 | 1 Totolink | 2 T6, T6 Firmware | 2024-08-03 | 9.8 Critical |
| A command injection vulnerability in the function isAssocPriDevice of TOTOLINK Technology router T6 V3_Firmware T6_V3_V4.1.5cu.748_B20211015 allows attackers to execute arbitrary commands via a crafted MQTT packet. | ||||
| CVE-2022-25136 | 1 Totolink | 4 T10, T10 Firmware, T6 and 1 more | 2024-08-03 | 9.8 Critical |
| A command injection vulnerability in the function meshSlaveUpdate of TOTOLINK Technology routers T6 V3_Firmware T6_V3_V4.1.5cu.748_B20211015 and T10 V2_Firmware V4.1.8cu.5207_B20210320 allows attackers to execute arbitrary commands via a crafted MQTT packet. | ||||
| CVE-2022-25134 | 1 Totolink | 2 T6, T6 Firmware | 2024-08-03 | 9.8 Critical |
| A command injection vulnerability in the function setUpgradeFW of TOTOLINK Technology router T6 V3_Firmware T6_V3_V4.1.5cu.748_B20211015 allows attackers to execute arbitrary commands via a crafted MQTT packet. | ||||