CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 1CVE-2023-48192
https://notcve.org/view.php?id=CVE-2023-48192
20 Nov 2023 — An issue in TOTOlink A3700R v.9.1.2u.6134_B20201202 allows a local attacker to execute arbitrary code via the setTracerouteCfg function. Un problema en TOTOlink A3700R v.9.1.2u.6134_B20201202 permite a un atacante local ejecutar código arbitrario a través de la función setTracerouteCfg. • http://totolink.com • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 10.0EPSS: 1%CPEs: 4EXPL: 1CVE-2023-43141
https://notcve.org/view.php?id=CVE-2023-43141
25 Sep 2023 — TOTOLINK A3700R V9.1.2u.6134_B20201202 and N600R V5.3c.5137 are vulnerable to Incorrect Access Control. TOTOLINK A3700R V9.1.2u.6134_B20201202 y N600R V5.3c.5137 son vulnerables a un control de acceso incorrecto. • http://totolink.com • CWE-284: Improper Access Control •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 1CVE-2022-36466
https://notcve.org/view.php?id=CVE-2022-36466
25 Aug 2022 — TOTOLINK A3700R V9.1.2u.6134_B20201202 was discovered to contain a stack overflow via the ip parameter in the function setDiagnosisCfg. Se ha detectado que TOTOLINK A3700R versión V9.1.2u.6134_B20201202, contiene un desbordamiento de pila por medio del parámetro ip en la función setDiagnosisCfg. • https://github.com/Darry-lang1/vuln/blob/main/TOTOLINK/A3700R/7/readme.md • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 1CVE-2022-36465
https://notcve.org/view.php?id=CVE-2022-36465
25 Aug 2022 — TOTOLINK A3700R V9.1.2u.6134_B20201202 was discovered to contain a stack overflow via the pppoeUser parameter. Se ha detectado que TOTOLINK A3700R versión V9.1.2u.6134_B20201202, contiene un desbordamiento de pila por medio del parámetro pppoeUser. • https://github.com/Darry-lang1/vuln/blob/main/TOTOLINK/A3700R/9/readme.md • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 1CVE-2022-36464
https://notcve.org/view.php?id=CVE-2022-36464
25 Aug 2022 — TOTOLINK A3700R V9.1.2u.6134_B20201202 was discovered to contain a stack overflow via the sPort parameter in the function setIpPortFilterRules. Se ha detectado que TOTOLINK A3700R versión V9.1.2u.6134_B20201202, contiene un desbordamiento de pila por medio del parámetro sPort en la función setIpPortFilterRules. • https://github.com/Darry-lang1/vuln/blob/main/TOTOLINK/A3700R/10/readme.md • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 1CVE-2022-36463
https://notcve.org/view.php?id=CVE-2022-36463
25 Aug 2022 — TOTOLINK A3700R V9.1.2u.6134_B20201202 was discovered to contain a stack overflow via the command parameter in the function setTracerouteCfg. Se ha detectado que TOTOLINK A3700R versión V9.1.2u.6134_B20201202, contiene un desbordamiento de pila por medio del parámetro command en la función setTracerouteCfg. • https://github.com/Darry-lang1/vuln/blob/main/TOTOLINK/A3700R/8/readme.md • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 1CVE-2022-36462
https://notcve.org/view.php?id=CVE-2022-36462
25 Aug 2022 — TOTOLINK A3700R V9.1.2u.6134_B20201202 was discovered to contain a stack overflow via the lang parameter in the function setLanguageCfg. Se ha detectado que TOTOLINK A3700R versión V9.1.2u.6134_B20201202, contiene un desbordamiento de pila por medio del parámetro lang en la función setLanguageCfg. • https://github.com/Darry-lang1/vuln/blob/main/TOTOLINK/A3700R/6/readme.md • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 1CVE-2022-36461
https://notcve.org/view.php?id=CVE-2022-36461
25 Aug 2022 — TOTOLINK A3700R V9.1.2u.6134_B20201202 was discovered to contain a command injection vulnerability via the hostName parameter in the function setOpModeCfg. Se ha detectado que TOTOLINK A3700R versión V9.1.2u.6134_B20201202, contiene una vulnerabilidad de inyección de comandos por medio del parámetro hostName en la función setOpModeCfg. • https://github.com/Darry-lang1/vuln/blob/main/TOTOLINK/A3700R/5/readme.md • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 1CVE-2022-36459
https://notcve.org/view.php?id=CVE-2022-36459
25 Aug 2022 — TOTOLINK A3700R V9.1.2u.6134_B20201202 was discovered to contain a command injection vulnerability via the host_time parameter in the function NTPSyncWithHost. Se ha detectado que TOTOLINK A3700R versión V9.1.2u.6134_B20201202, contiene una vulnerabilidad de inyección de comandos por medio del parámetro host_time en la función NTPSyncWithHost. • https://github.com/Darry-lang1/vuln/blob/main/TOTOLINK/A3700R/3/readme.md • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 1CVE-2022-36460
https://notcve.org/view.php?id=CVE-2022-36460
25 Aug 2022 — TOTOLINK A3700R V9.1.2u.6134_B20201202 was discovered to contain a command injection vulnerability via the FileName parameter in the function UploadFirmwareFile. Se ha detectado que TOTOLINK A3700R versión V9.1.2u.6134_B20201202, contiene una vulnerabilidad de inyección de comandos por el parámetro FileName en la función UploadFirmwareFile. • https://github.com/Darry-lang1/vuln/blob/main/TOTOLINK/A3700R/4/readme.md • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •