Totolink

A3100r Firmware

47 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2024-36650

Exploit
  • EPSS 0.3%
  • Veröffentlicht 11.06.2024 16:15:29
  • Zuletzt bearbeitet 04.06.2025 17:24:49

TOTOLINK AC1200 Wireless Dual Band Gigabit Router firmware A3100R V4.1.2cu.5247_B20211129, in the cgi function `setNoticeCfg` of the file `/lib/cste_modules/system.so`, the length of the user input string `NoticeUrl` is not checked. This can lead to ...

7.2

CVE-2022-28935

Exploit
  • EPSS 9.97%
  • Veröffentlicht 06.07.2022 13:15:09
  • Zuletzt bearbeitet 21.11.2024 06:58:12

Totolink A830R V5.9c.4729_B20191112, Totolink A3100R V4.1.2cu.5050_B20200504, Totolink A950RG V4.1.2cu.5161_B20200903, Totolink A800R V4.1.2cu.5137_B20200730, Totolink A3000RU V5.9c.5185_B20201128, Totolink A810R V4.1.2cu.5182_B20201026 were discover...

10

CVE-2022-29645

Exploit
  • EPSS 0.37%
  • Veröffentlicht 18.05.2022 12:15:08
  • Zuletzt bearbeitet 21.11.2024 06:59:29

TOTOLINK A3100R V4.1.2cu.5050_B20200504 and V4.1.2cu.5247_B20211129 were discovered to contain a hard coded password for root stored in the component /etc/shadow.sample.

5.3

CVE-2022-29646

Exploit
  • EPSS 0.2%
  • Veröffentlicht 18.05.2022 12:15:08
  • Zuletzt bearbeitet 21.11.2024 06:59:29

An access control issue in TOTOLINK A3100R V4.1.2cu.5050_B20200504 and V4.1.2cu.5247_B20211129 allows attackers to obtain sensitive information via a crafted web request.

10

CVE-2022-29644

Exploit
  • EPSS 0.37%
  • Veröffentlicht 18.05.2022 12:15:08
  • Zuletzt bearbeitet 21.11.2024 06:59:29

TOTOLINK A3100R V4.1.2cu.5050_B20200504 and V4.1.2cu.5247_B20211129 were discovered to contain a hard coded password for the telnet service stored in the component /web_cste/cgi-bin/product.ini.

7.8

CVE-2022-29643

Exploit
  • EPSS 0.39%
  • Veröffentlicht 18.05.2022 12:15:08
  • Zuletzt bearbeitet 21.11.2024 06:59:29

TOTOLINK A3100R V4.1.2cu.5050_B20200504 and V4.1.2cu.5247_B20211129 were discovered to contain a stack overflow via the macAddress parameter in the function setMacQos. This vulnerability allows attackers to cause a Denial of Service (DoS) via a craft...

7.8

CVE-2022-29642

Exploit
  • EPSS 0.39%
  • Veröffentlicht 18.05.2022 12:15:08
  • Zuletzt bearbeitet 21.11.2024 06:59:28

TOTOLINK A3100R V4.1.2cu.5050_B20200504 and V4.1.2cu.5247_B20211129 were discovered to contain a stack overflow via the url parameter in the function setUrlFilterRules. This vulnerability allows attackers to cause a Denial of Service (DoS) via a craf...

7.8

CVE-2022-29641

Exploit
  • EPSS 0.39%
  • Veröffentlicht 18.05.2022 12:15:08
  • Zuletzt bearbeitet 21.11.2024 06:59:28

TOTOLINK A3100R V4.1.2cu.5050_B20200504 and V4.1.2cu.5247_B20211129 were discovered to contain a stack overflow via the startTime and endTime parameters in the function setParentalRules. This vulnerability allows attackers to cause a Denial of Servic...

7.8

CVE-2022-29640

Exploit
  • EPSS 0.39%
  • Veröffentlicht 18.05.2022 12:15:08
  • Zuletzt bearbeitet 21.11.2024 06:59:28

TOTOLINK A3100R V4.1.2cu.5050_B20200504 and V4.1.2cu.5247_B20211129 were discovered to contain a stack overflow via the comment parameter in the function setPortForwardRules. This vulnerability allows attackers to cause a Denial of Service (DoS) via ...

9.3

CVE-2022-29639

Exploit
  • EPSS 2.32%
  • Veröffentlicht 18.05.2022 12:15:08
  • Zuletzt bearbeitet 21.11.2024 06:59:28

TOTOLINK A3100R V4.1.2cu.5050_B20200504 and V4.1.2cu.5247_B20211129 were discovered to contain a command injection vulnerability via the magicid parameter in the function uci_cloudupdate_config.