Totolink

A950rg Firmware

27 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.8

CVE-2025-28034

Exploit
  • EPSS 3.25%
  • Published 22.04.2025 00:00:00
  • Last modified 29.04.2025 16:18:58

TOTOLINK A800R V4.1.2cu.5137_B20200730, A810R V4.1.2cu.5182_B20201026, A830R V4.1.2cu.5182_B20201102, A950RG V4.1.2cu.5161_B20200903, A3000RU V5.9c.5185_B20201128, and A3100R V4.1.2cu.5247_B20211129 were found to contain a pre-auth remote command exe...

9.8

CVE-2025-28036

Exploit
  • EPSS 3.25%
  • Published 22.04.2025 00:00:00
  • Last modified 29.04.2025 16:13:29

TOTOLINK A950RG V4.1.2cu.5161_B20200903 was found to contain a pre-auth remote command execution vulnerability in the setNoticeCfg function through the NoticeUrl parameter.

9.8

CVE-2025-28037

Exploit
  • EPSS 3.85%
  • Published 22.04.2025 00:00:00
  • Last modified 29.04.2025 16:03:42

TOTOLINK A810R V4.1.2cu.5182_B20201026 and A950RG V4.1.2cu.5161_B20200903 were found to contain a pre-auth remote command execution vulnerability in the setDiagnosisCfg function through the ipDomain parameter.

7.3

CVE-2025-28027

Exploit
  • EPSS 0.15%
  • Published 22.04.2025 00:00:00
  • Last modified 07.05.2025 16:27:45

TOTOLINK A830R V4.1.2cu.5182_B20201102, A950RG V4.1.2cu.5161_B20200903, A3000RU V5.9c.5185_B20201128, and A3100R V4.1.2cu.5247_B20211129 was found to contain a buffer overflow vulnerability in downloadFile.cgi.

7.3

CVE-2025-28029

Exploit
  • EPSS 0.15%
  • Published 22.04.2025 00:00:00
  • Last modified 07.05.2025 16:28:29

TOTOLINK A830R V4.1.2cu.5182_B20201102, A950RG V4.1.2cu.5161_B20200903, A3000RU V5.9c.5185_B20201128, and A3100R V4.1.2cu.5247_B20211129 were found to contain a buffer overflow vulnerability in cstecgi.cgi

9.8

CVE-2025-28035

Exploit
  • EPSS 3.25%
  • Published 22.04.2025 00:00:00
  • Last modified 29.04.2025 16:14:17

TOTOLINK A830R V4.1.2cu.5182_B20201102 was found to contain a pre-auth remote command execution vulnerability in the setNoticeCfg function through the NoticeUrl parameter.

7.8

CVE-2022-36612

Exploit
  • EPSS 0.06%
  • Published 29.08.2022 00:15:08
  • Last modified 21.11.2024 07:13:24

TOTOLINK A950RG V4.1.2cu.5204_B20210112 was discovered to contain a hardcoded password for root at /etc/shadow.sample.

7.2

CVE-2022-28935

Exploit
  • EPSS 9.97%
  • Published 06.07.2022 13:15:09
  • Last modified 21.11.2024 06:58:12

Totolink A830R V5.9c.4729_B20191112, Totolink A3100R V4.1.2cu.5050_B20200504, Totolink A950RG V4.1.2cu.5161_B20200903, Totolink A800R V4.1.2cu.5137_B20200730, Totolink A3000RU V5.9c.5185_B20201128, Totolink A810R V4.1.2cu.5182_B20201026 were discover...

9.8

CVE-2022-26214

Exploit
  • EPSS 26.47%
  • Published 15.03.2022 22:15:14
  • Last modified 21.11.2024 06:53:36

Totolink A830R V5.9c.4729_B20191112, A3100R V4.1.2cu.5050_B20200504, A950RG V4.1.2cu.5161_B20200903, A800R V4.1.2cu.5137_B20200730, A3000RU V5.9c.5185_B20201128, and A810R V4.1.2cu.5182_B20201026 were discovered to contain a command injection vulnera...

9.8

CVE-2022-26212

Exploit
  • EPSS 17.34%
  • Published 15.03.2022 22:15:14
  • Last modified 21.11.2024 06:53:36

Totolink A830R V5.9c.4729_B20191112, A3100R V4.1.2cu.5050_B20200504, A950RG V4.1.2cu.5161_B20200903, A800R V4.1.2cu.5137_B20200730, A3000RU V5.9c.5185_B20201128, and A810R V4.1.2cu.5182_B20201026 were discovered to contain a command injection vulnera...