Totolink

Lr350 Firmware

34 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.8

CVE-2026-1158

Exploit
  • EPSS 0.14%
  • Veröffentlicht 19.01.2026 14:32:08
  • Zuletzt bearbeitet 29.01.2026 18:34:39

A security flaw has been discovered in Totolink LR350 9.3.5u.6369_B20220309. This vulnerability affects the function setWizardCfg of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. Performing a manipulation of the argument ssid r...

8.8

CVE-2026-1157

Exploit
  • EPSS 0.14%
  • Veröffentlicht 19.01.2026 14:02:10
  • Zuletzt bearbeitet 29.01.2026 18:36:21

A vulnerability was identified in Totolink LR350 9.3.5u.6369_B20220309. This affects the function setWiFiEasyCfg of the file /cgi-bin/cstecgi.cgi. Such manipulation of the argument ssid leads to buffer overflow. It is possible to launch the attack re...

8.8

CVE-2026-1156

Exploit
  • EPSS 0.14%
  • Veröffentlicht 19.01.2026 13:32:11
  • Zuletzt bearbeitet 29.01.2026 18:40:14

A vulnerability was determined in Totolink LR350 9.3.5u.6369_B20220309. Affected by this issue is the function setWiFiBasicCfg of the file /cgi-bin/cstecgi.cgi. This manipulation of the argument ssid causes buffer overflow. It is possible to initiate...

8.8

CVE-2026-1155

Exploit
  • EPSS 0.14%
  • Veröffentlicht 19.01.2026 13:16:20
  • Zuletzt bearbeitet 29.01.2026 18:39:38

A vulnerability was found in Totolink LR350 9.3.5u.6369_B20220309. Affected by this vulnerability is the function setWiFiEasyGuestCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument ssid results in buffer overflow. The attack may b...

8.8

CVE-2026-1150

Exploit
  • EPSS 2.16%
  • Veröffentlicht 19.01.2026 10:32:07
  • Zuletzt bearbeitet 29.01.2026 18:38:44

A security flaw has been discovered in Totolink LR350 9.3.5u.6369_B20220309. Impacted is the function setTracerouteCfg of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. The manipulation of the argument command results in command...

8.8

CVE-2026-1149

Exploit
  • EPSS 2.16%
  • Veröffentlicht 19.01.2026 10:02:09
  • Zuletzt bearbeitet 29.01.2026 18:37:47

A vulnerability was identified in Totolink LR350 9.3.5u.6369_B20220309. This issue affects the function setDiagnosisCfg of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. The manipulation of the argument ip leads to command injec...

7.5

CVE-2025-63465

Exploit
  • EPSS 0.27%
  • Veröffentlicht 31.10.2025 00:00:00
  • Zuletzt bearbeitet 05.11.2025 17:29:32

Totolink LR350 v9.3.5u.6369_B20220309 was discovered to contain a stack overflow via the ssid parameter in the sub_422880 function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.

7.5

CVE-2025-63466

Exploit
  • EPSS 0.27%
  • Veröffentlicht 31.10.2025 00:00:00
  • Zuletzt bearbeitet 05.11.2025 17:30:45

Totolink LR350 v9.3.5u.6369_B20220309 was discovered to contain a stack overflow via the password parameter in the sub_426EF8 function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.

7.5

CVE-2025-63467

Exploit
  • EPSS 0.27%
  • Veröffentlicht 31.10.2025 00:00:00
  • Zuletzt bearbeitet 05.11.2025 17:30:37

Totolink LR350 v9.3.5u.6369_B20220309 was discovered to contain a stack overflow via the ssid parameter in the sub_425400 function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.

7.5

CVE-2025-63468

Exploit
  • EPSS 0.27%
  • Veröffentlicht 31.10.2025 00:00:00
  • Zuletzt bearbeitet 05.11.2025 17:30:55

Totolink LR350 v9.3.5u.6369_B20220309 was discovered to contain a stack overflow via the http_host parameter in the sub_426EF8 function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.