Shodan
Vulnerabilities
Vulnerable Software
Totolink:  >> Ca300-Poe  Security Vulnerabilities
CVE-2023-24160
TOTOLINK CA300-PoE V6.2c.884 was discovered to contain a command injection vulnerability via the admuser parameter in the setPasswordCfg function.
CVSS Score
9.8
EPSS Score
0.015
Published
2023-02-14
CVE-2023-24161
TOTOLINK CA300-PoE V6.2c.884 was discovered to contain a command injection vulnerability via the webWlanIdx parameter in the setWebWlanIdx function.
CVSS Score
9.8
EPSS Score
0.015
Published
2023-02-14
CVE-2023-24147
TOTOLINK CA300-PoE V6.2c.884 was discovered to contain a hard code password for the telnet service which is stored in the component /etc/config/product.ini.
CVSS Score
7.5
EPSS Score
0.001
Published
2023-02-03
CVE-2023-24148
TOTOLINK CA300-PoE V6.2c.884 was discovered to contain a command injection vulnerability via the FileName parameter in the setUploadUserData function.
CVSS Score
9.8
EPSS Score
0.015
Published
2023-02-03
CVE-2023-24149
TOTOLINK CA300-PoE V6.2c.884 was discovered to contain a hard code password for root which is stored in the component /etc/shadow.
CVSS Score
9.8
EPSS Score
0.001
Published
2023-02-03
CVE-2023-24142
TOTOLINK CA300-PoE V6.2c.884 was discovered to contain a command injection vulnerability via the NetDiagPingSize parameter in the setNetworkDiag function.
CVSS Score
9.8
EPSS Score
0.015
Published
2023-02-03
CVE-2023-24143
TOTOLINK CA300-PoE V6.2c.884 was discovered to contain a command injection vulnerability via the NetDiagTracertHop parameter in the setNetworkDiag function.
CVSS Score
9.8
EPSS Score
0.015
Published
2023-02-03
CVE-2023-24144
TOTOLINK CA300-PoE V6.2c.884 was discovered to contain a command injection vulnerability via the hour parameter in the setRebootScheCfg function.
CVSS Score
9.8
EPSS Score
0.015
Published
2023-02-03
CVE-2023-24145
TOTOLINK CA300-PoE V6.2c.884 was discovered to contain a command injection vulnerability via the plugin_version parameter in the setUnloadUserData function.
CVSS Score
9.8
EPSS Score
0.015
Published
2023-02-03
CVE-2023-24146
TOTOLINK CA300-PoE V6.2c.884 was discovered to contain a command injection vulnerability via the minute parameter in the setRebootScheCfg function.
CVSS Score
9.8
EPSS Score
0.015
Published
2023-02-03


Products
Pricing
Contact Us

Shodan ® - All rights reserved