Totolink

A3600r Firmware

22 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.8

CVE-2024-7177

Exploit
  • EPSS 0.23%
  • Veröffentlicht 29.07.2024 02:15:13
  • Zuletzt bearbeitet 21.11.2024 09:51:01

A vulnerability was found in TOTOLINK A3600R 4.1.2cu.5182_B20201102. It has been classified as critical. Affected is the function setLanguageCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument langType leads to buffer overflow. It ...

8.8

CVE-2024-7176

Exploit
  • EPSS 0.24%
  • Veröffentlicht 29.07.2024 02:15:12
  • Zuletzt bearbeitet 21.11.2024 09:51:00

A vulnerability was found in TOTOLINK A3600R 4.1.2cu.5182_B20201102 and classified as critical. This issue affects the function setIpQosRules of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument comment leads to buffer overflow. The att...

8.8

CVE-2024-7175

Exploit
  • EPSS 2.46%
  • Veröffentlicht 29.07.2024 01:15:09
  • Zuletzt bearbeitet 21.11.2024 09:51:00

A vulnerability has been found in TOTOLINK A3600R 4.1.2cu.5182_B20201102 and classified as critical. This vulnerability affects the function setDiagnosisCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument ipDoamin leads to os comma...

8.8

CVE-2024-7174

Exploit
  • EPSS 0.25%
  • Veröffentlicht 29.07.2024 00:15:02
  • Zuletzt bearbeitet 21.11.2024 09:51:00

A vulnerability, which was classified as critical, was found in TOTOLINK A3600R 4.1.2cu.5182_B20201102. This affects the function setdeviceName of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument deviceMac/deviceName leads to buffer ov...

8.8

CVE-2024-7173

Exploit
  • EPSS 0.22%
  • Veröffentlicht 29.07.2024 00:15:02
  • Zuletzt bearbeitet 21.11.2024 09:51:00

A vulnerability, which was classified as critical, has been found in TOTOLINK A3600R 4.1.2cu.5182_B20201102. Affected by this issue is the function loginauth of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument password/http_host leads ...

8.8

CVE-2024-7172

Exploit
  • EPSS 0.22%
  • Veröffentlicht 28.07.2024 23:15:10
  • Zuletzt bearbeitet 21.11.2024 09:51:00

A vulnerability classified as critical was found in TOTOLINK A3600R 4.1.2cu.5182_B20201102. Affected by this vulnerability is the function getSaveConfig of the file /cgi-bin/cstecgi.cgi?action=save&setting. The manipulation of the argument http_host ...

8.8

CVE-2024-7171

Exploit
  • EPSS 2.67%
  • Veröffentlicht 28.07.2024 23:15:09
  • Zuletzt bearbeitet 21.11.2024 09:51:00

A vulnerability classified as critical has been found in TOTOLINK A3600R 4.1.2cu.5182_B20201102. Affected is the function NTPSyncWithHost of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument hostTime leads to os command injection. It is...

8.8

CVE-2024-7159

Exploit
  • EPSS 0.08%
  • Veröffentlicht 28.07.2024 15:15:09
  • Zuletzt bearbeitet 21.11.2024 09:50:58

A vulnerability was found in TOTOLINK A3600R 4.1.2cu.5182_B20201102. It has been rated as critical. This issue affects some unknown processing of the file /web_cste/cgi-bin/product.ini of the component Telnet Service. The manipulation leads to use of...

7.8

CVE-2022-36455

Exploit
  • EPSS 1.27%
  • Veröffentlicht 25.08.2022 15:15:08
  • Zuletzt bearbeitet 21.11.2024 07:13:03

TOTOLink A3600R V4.1.2cu.5182_B20201102 was discovered to contain a command injection vulnerability via the username parameter in /cstecgi.cgi.

9.8

CVE-2022-34993

Exploit
  • EPSS 0.44%
  • Veröffentlicht 04.08.2022 19:15:09
  • Zuletzt bearbeitet 21.11.2024 07:10:32

Totolink A3600R_Firmware V4.1.2cu.5182_B20201102 contains a hard code password for root in /etc/shadow.sample.