Vulnerabilities (CVE)

Filtered by vendor Totolink Subscribe
Total 600 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-28909 1 Totolink 2 N600r, N600r Firmware 2024-11-21 10.0 HIGH 9.8 CRITICAL
TOTOLink N600R V5.3c.7159_B20190425 was discovered to contain a command injection vulnerability via the webwlanidx parameter in /setting/setWebWlanIdx.
CVE-2022-28908 1 Totolink 2 N600r, N600r Firmware 2024-11-21 10.0 HIGH 9.8 CRITICAL
TOTOLink N600R V5.3c.7159_B20190425 was discovered to contain a command injection vulnerability via the ipdoamin parameter in /setting/setDiagnosisCfg.
CVE-2022-28907 1 Totolink 2 N600r, N600r Firmware 2024-11-21 10.0 HIGH 9.8 CRITICAL
TOTOLink N600R V5.3c.7159_B20190425 was discovered to contain a command injection vulnerability via the hosttime function in /setting/NTPSyncWithHost.
CVE-2022-28906 1 Totolink 2 N600r, N600r Firmware 2024-11-21 10.0 HIGH 9.8 CRITICAL
TOTOLink N600R V5.3c.7159_B20190425 was discovered to contain a command injection vulnerability via the langtype parameter in /setting/setLanguageCfg.
CVE-2022-28905 1 Totolink 2 N600r, N600r Firmware 2024-11-21 10.0 HIGH 9.8 CRITICAL
TOTOLink N600R V5.3c.7159_B20190425 was discovered to contain a command injection vulnerability via the devicemac parameter in /setting/setDeviceName.
CVE-2022-28584 1 Totolink 2 A7100ru, A7100ru Firmware 2024-11-21 10.0 HIGH 9.8 CRITICAL
It is found that there is a command injection vulnerability in the setWiFiWpsStart interface in TOTOlink A7100RU (v7.4cu.2313_b20191024) router, which allows an attacker to execute arbitrary commands through a carefully constructed payload.
CVE-2022-28583 1 Totolink 2 A7100ru, A7100ru Firmware 2024-11-21 10.0 HIGH 9.8 CRITICAL
It is found that there is a command injection vulnerability in the setWiFiWpsCfg interface in TOTOlink A7100RU (v7.4cu.2313_b20191024) router, which allows an attacker to execute arbitrary commands through a carefully constructed payload.
CVE-2022-28582 1 Totolink 2 A7100ru, A7100ru Firmware 2024-11-21 10.0 HIGH 9.8 CRITICAL
It is found that there is a command injection vulnerability in the setWiFiSignalCfg interface in TOTOlink A7100RU (v7.4cu.2313_b20191024) router, which allows an attacker to execute arbitrary commands through a carefully constructed payload.
CVE-2022-28581 1 Totolink 2 A7100ru, A7100ru Firmware 2024-11-21 10.0 HIGH 9.8 CRITICAL
It is found that there is a command injection vulnerability in the setWiFiAdvancedCfg interface in TOTOlink A7100RU (v7.4cu.2313_b20191024) router, which allows an attacker to execute arbitrary commands through a carefully constructed payload.
CVE-2022-28580 1 Totolink 2 A7100ru, A7100ru Firmware 2024-11-21 10.0 HIGH 9.8 CRITICAL
It is found that there is a command injection vulnerability in the setL2tpServerCfg interface in TOTOlink A7100RU (v7.4cu.2313_b20191024) router, which allows an attacker to execute arbitrary commands through a carefully constructed payload.
CVE-2022-28579 1 Totolink 2 A7100ru, A7100ru Firmware 2024-11-21 10.0 HIGH 9.8 CRITICAL
It is found that there is a command injection vulnerability in the setParentalRules interface in TOTOlink A7100RU (v7.4cu.2313_b20191024) router, which allows an attacker to execute arbitrary commands through a carefully constructed payload.
CVE-2022-28578 1 Totolink 2 A7100ru, A7100ru Firmware 2024-11-21 10.0 HIGH 9.8 CRITICAL
It is found that there is a command injection vulnerability in the setOpenVpnCfg interface in TOTOlink A7100RU (v7.4cu.2313_b20191024) router, which allows an attacker to execute arbitrary commands through a carefully constructed payload.
CVE-2022-28577 1 Totolink 2 A7100ru, A7100ru Firmware 2024-11-21 10.0 HIGH 9.8 CRITICAL
It is found that there is a command injection vulnerability in the delParentalRules interface in TOTOlink A7100RU (v7.4cu.2313_b20191024) router, which allows an attacker to execute arbitrary commands through a carefully constructed payload.
CVE-2022-28575 1 Totolink 2 A7100ru, A7100ru Firmware 2024-11-21 10.0 HIGH 9.8 CRITICAL
It is found that there is a command injection vulnerability in the setopenvpnclientcfg interface in TOTOlink A7100RU (v7.4cu.2313_b20191024) router, which allows attackers to execute arbitrary commands through a carefully constructed payload
CVE-2022-28497 1 Totolink 2 Cp900, Cp900 Firmware 2024-11-21 N/A 9.8 CRITICAL
TOTOLink outdoor CPE CP900 V6.3c.566_B20171026 is discovered to contain a command injection vulnerability in the mtd_write_bootloader function via the filename parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request.
CVE-2022-28496 1 Totolink 2 Cp900, Cp900 Firmware 2024-11-21 N/A 9.8 CRITICAL
TOTOLink outdoor CPE CP900 V6.3c.566_B20171026 discovered to contain a command injection vulnerability in the setPasswordCfg function via the adminuser and adminpassparameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request.
CVE-2022-28495 1 Totolink 2 Cp900, Cp900 Firmware 2024-11-21 N/A 9.8 CRITICAL
TOTOLink outdoor CPE CP900 V6.3c.566_B20171026 is discovered to contain a command injection vulnerability in the setWebWlanIdx function via the webWlanIdx parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request.
CVE-2022-28494 1 Totolink 2 Cp900, Cp900 Firmware 2024-11-21 N/A 9.8 CRITICAL
TOTOLink outdoor CPE CP900 V6.3c.566_B20171026 is discovered to contain a command injection vulnerability in the setUpgradeFW function via the filename parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request.
CVE-2022-28493 1 Totolink 2 Cp900, Cp900 Firmware 2024-11-21 N/A 9.8 CRITICAL
A vulnerability in TOTOLINK CP900 V6.3c.566 allows attackers to start the Telnet service,
CVE-2022-28492 1 Totolink 2 Cp900, Cp900 Firmware 2024-11-21 N/A 9.8 CRITICAL
TOTOLINK Technology CPE with firmware V6.3c.566 ,allows remote attackers to bypass Login.