Filtered by vendor Totolink
Subscribe
Total
1035 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-28913 | 1 Totolink | 2 N600r, N600r Firmware | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| TOTOLink N600R V5.3c.7159_B20190425 was discovered to contain a command injection vulnerability via the filename parameter in /setting/setUploadSetting. | |||||
| CVE-2022-28912 | 1 Totolink | 2 N600r, N600r Firmware | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| TOTOLink N600R V5.3c.7159_B20190425 was discovered to contain a command injection vulnerability via the filename parameter in /setting/setUpgradeFW. | |||||
| CVE-2022-28911 | 1 Totolink | 2 N600r, N600r Firmware | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| TOTOLink N600R V5.3c.7159_B20190425 was discovered to contain a command injection vulnerability via the filename parameter in /setting/CloudACMunualUpdate. | |||||
| CVE-2022-28910 | 1 Totolink | 2 N600r, N600r Firmware | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| TOTOLink N600R V5.3c.7159_B20190425 was discovered to contain a command injection vulnerability via the devicename parameter in /setting/setDeviceName. | |||||
| CVE-2022-28909 | 1 Totolink | 2 N600r, N600r Firmware | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| TOTOLink N600R V5.3c.7159_B20190425 was discovered to contain a command injection vulnerability via the webwlanidx parameter in /setting/setWebWlanIdx. | |||||
| CVE-2022-28908 | 1 Totolink | 2 N600r, N600r Firmware | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| TOTOLink N600R V5.3c.7159_B20190425 was discovered to contain a command injection vulnerability via the ipdoamin parameter in /setting/setDiagnosisCfg. | |||||
| CVE-2022-28907 | 1 Totolink | 2 N600r, N600r Firmware | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| TOTOLink N600R V5.3c.7159_B20190425 was discovered to contain a command injection vulnerability via the hosttime function in /setting/NTPSyncWithHost. | |||||
| CVE-2022-28906 | 1 Totolink | 2 N600r, N600r Firmware | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| TOTOLink N600R V5.3c.7159_B20190425 was discovered to contain a command injection vulnerability via the langtype parameter in /setting/setLanguageCfg. | |||||
| CVE-2022-28905 | 1 Totolink | 2 N600r, N600r Firmware | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| TOTOLink N600R V5.3c.7159_B20190425 was discovered to contain a command injection vulnerability via the devicemac parameter in /setting/setDeviceName. | |||||
| CVE-2022-28584 | 1 Totolink | 2 A7100ru, A7100ru Firmware | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| It is found that there is a command injection vulnerability in the setWiFiWpsStart interface in TOTOlink A7100RU (v7.4cu.2313_b20191024) router, which allows an attacker to execute arbitrary commands through a carefully constructed payload. | |||||
| CVE-2022-28583 | 1 Totolink | 2 A7100ru, A7100ru Firmware | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| It is found that there is a command injection vulnerability in the setWiFiWpsCfg interface in TOTOlink A7100RU (v7.4cu.2313_b20191024) router, which allows an attacker to execute arbitrary commands through a carefully constructed payload. | |||||
| CVE-2022-28582 | 1 Totolink | 2 A7100ru, A7100ru Firmware | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| It is found that there is a command injection vulnerability in the setWiFiSignalCfg interface in TOTOlink A7100RU (v7.4cu.2313_b20191024) router, which allows an attacker to execute arbitrary commands through a carefully constructed payload. | |||||
| CVE-2022-28581 | 1 Totolink | 2 A7100ru, A7100ru Firmware | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| It is found that there is a command injection vulnerability in the setWiFiAdvancedCfg interface in TOTOlink A7100RU (v7.4cu.2313_b20191024) router, which allows an attacker to execute arbitrary commands through a carefully constructed payload. | |||||
| CVE-2022-28580 | 1 Totolink | 2 A7100ru, A7100ru Firmware | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| It is found that there is a command injection vulnerability in the setL2tpServerCfg interface in TOTOlink A7100RU (v7.4cu.2313_b20191024) router, which allows an attacker to execute arbitrary commands through a carefully constructed payload. | |||||
| CVE-2022-28579 | 1 Totolink | 2 A7100ru, A7100ru Firmware | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| It is found that there is a command injection vulnerability in the setParentalRules interface in TOTOlink A7100RU (v7.4cu.2313_b20191024) router, which allows an attacker to execute arbitrary commands through a carefully constructed payload. | |||||
| CVE-2022-28578 | 1 Totolink | 2 A7100ru, A7100ru Firmware | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| It is found that there is a command injection vulnerability in the setOpenVpnCfg interface in TOTOlink A7100RU (v7.4cu.2313_b20191024) router, which allows an attacker to execute arbitrary commands through a carefully constructed payload. | |||||
| CVE-2022-28577 | 1 Totolink | 2 A7100ru, A7100ru Firmware | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| It is found that there is a command injection vulnerability in the delParentalRules interface in TOTOlink A7100RU (v7.4cu.2313_b20191024) router, which allows an attacker to execute arbitrary commands through a carefully constructed payload. | |||||
| CVE-2022-28575 | 1 Totolink | 2 A7100ru, A7100ru Firmware | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| It is found that there is a command injection vulnerability in the setopenvpnclientcfg interface in TOTOlink A7100RU (v7.4cu.2313_b20191024) router, which allows attackers to execute arbitrary commands through a carefully constructed payload | |||||
| CVE-2022-28497 | 1 Totolink | 2 Cp900, Cp900 Firmware | 2024-11-21 | N/A | 9.8 CRITICAL |
| TOTOLink outdoor CPE CP900 V6.3c.566_B20171026 is discovered to contain a command injection vulnerability in the mtd_write_bootloader function via the filename parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request. | |||||
| CVE-2022-28496 | 1 Totolink | 2 Cp900, Cp900 Firmware | 2024-11-21 | N/A | 9.8 CRITICAL |
| TOTOLink outdoor CPE CP900 V6.3c.566_B20171026 discovered to contain a command injection vulnerability in the setPasswordCfg function via the adminuser and adminpassparameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request. | |||||