CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 1CVE-2023-52031
https://notcve.org/view.php?id=CVE-2023-52031
11 Jan 2024 — TOTOlink A3700R v9.1.2u.5822_B20200513 was discovered to contain a remote command execution (RCE) vulnerability via the UploadFirmwareFile function. Se descubrió que TOTOlink A3700R v9.1.2u.5822_B20200513 contiene una vulnerabilidad de ejecución remota de comandos (RCE) a través de la función UploadFirmwareFile. • https://815yang.github.io/2023/12/04/a3700r/TOTOlink%20A3700R_UploadFirmwareFile •
CVSS: 10.0EPSS: 1%CPEs: 2EXPL: 1CVE-2023-50147
https://notcve.org/view.php?id=CVE-2023-50147
22 Dec 2023 — There is an arbitrary command execution vulnerability in the setDiagnosisCfg function of the cstecgi .cgi of the TOTOlink A3700R router device in its firmware version V9.1.2u.5822_B20200513. Existe una vulnerabilidad de ejecución de comando arbitrario en la función setDiagnosisCfg del cstecgi .cgi del dispositivo enrutador TOTOlink A3700R en su versión de firmware V9.1.2u.5822_B20200513. • https://815yang.github.io/2023/12/04/a3700r/TOTOlink%20A3700R%28setDiagnosisCfg%29 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 1CVE-2023-48192
https://notcve.org/view.php?id=CVE-2023-48192
20 Nov 2023 — An issue in TOTOlink A3700R v.9.1.2u.6134_B20201202 allows a local attacker to execute arbitrary code via the setTracerouteCfg function. Un problema en TOTOlink A3700R v.9.1.2u.6134_B20201202 permite a un atacante local ejecutar código arbitrario a través de la función setTracerouteCfg. • http://totolink.com • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 10.0EPSS: 10%CPEs: 2EXPL: 1CVE-2023-46574
https://notcve.org/view.php?id=CVE-2023-46574
24 Oct 2023 — An issue in TOTOLINK A3700R v.9.1.2u.6165_20211012 allows a remote attacker to execute arbitrary code via the FileName parameter of the UploadFirmwareFile function. Un problema en TOTOLINK A3700R v.9.1.2u.6165_20211012 permite a un atacante remoto ejecutar código arbitrario a través del parámetro FileName de la función UploadFirmwareFile. • https://github.com/OraclePi/repo/blob/main/totolink%20A3700R/1/A3700R%20%20V9.1.2u.6165_20211012%20vuln.md • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 10.0EPSS: 1%CPEs: 4EXPL: 1CVE-2023-43141
https://notcve.org/view.php?id=CVE-2023-43141
25 Sep 2023 — TOTOLINK A3700R V9.1.2u.6134_B20201202 and N600R V5.3c.5137 are vulnerable to Incorrect Access Control. TOTOLINK A3700R V9.1.2u.6134_B20201202 y N600R V5.3c.5137 son vulnerables a un control de acceso incorrecto. • http://totolink.com • CWE-284: Improper Access Control •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 1CVE-2022-36466
https://notcve.org/view.php?id=CVE-2022-36466
25 Aug 2022 — TOTOLINK A3700R V9.1.2u.6134_B20201202 was discovered to contain a stack overflow via the ip parameter in the function setDiagnosisCfg. Se ha detectado que TOTOLINK A3700R versión V9.1.2u.6134_B20201202, contiene un desbordamiento de pila por medio del parámetro ip en la función setDiagnosisCfg. • https://github.com/Darry-lang1/vuln/blob/main/TOTOLINK/A3700R/7/readme.md • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 1CVE-2022-36465
https://notcve.org/view.php?id=CVE-2022-36465
25 Aug 2022 — TOTOLINK A3700R V9.1.2u.6134_B20201202 was discovered to contain a stack overflow via the pppoeUser parameter. Se ha detectado que TOTOLINK A3700R versión V9.1.2u.6134_B20201202, contiene un desbordamiento de pila por medio del parámetro pppoeUser. • https://github.com/Darry-lang1/vuln/blob/main/TOTOLINK/A3700R/9/readme.md • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 1CVE-2022-36464
https://notcve.org/view.php?id=CVE-2022-36464
25 Aug 2022 — TOTOLINK A3700R V9.1.2u.6134_B20201202 was discovered to contain a stack overflow via the sPort parameter in the function setIpPortFilterRules. Se ha detectado que TOTOLINK A3700R versión V9.1.2u.6134_B20201202, contiene un desbordamiento de pila por medio del parámetro sPort en la función setIpPortFilterRules. • https://github.com/Darry-lang1/vuln/blob/main/TOTOLINK/A3700R/10/readme.md • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 1CVE-2022-36463
https://notcve.org/view.php?id=CVE-2022-36463
25 Aug 2022 — TOTOLINK A3700R V9.1.2u.6134_B20201202 was discovered to contain a stack overflow via the command parameter in the function setTracerouteCfg. Se ha detectado que TOTOLINK A3700R versión V9.1.2u.6134_B20201202, contiene un desbordamiento de pila por medio del parámetro command en la función setTracerouteCfg. • https://github.com/Darry-lang1/vuln/blob/main/TOTOLINK/A3700R/8/readme.md • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 1CVE-2022-36462
https://notcve.org/view.php?id=CVE-2022-36462
25 Aug 2022 — TOTOLINK A3700R V9.1.2u.6134_B20201202 was discovered to contain a stack overflow via the lang parameter in the function setLanguageCfg. Se ha detectado que TOTOLINK A3700R versión V9.1.2u.6134_B20201202, contiene un desbordamiento de pila por medio del parámetro lang en la función setLanguageCfg. • https://github.com/Darry-lang1/vuln/blob/main/TOTOLINK/A3700R/6/readme.md • CWE-787: Out-of-bounds Write •