Shodan
Vulnerabilities
Vulnerable Software
Totolink:  >> Ca300-Poe Firmware  Security Vulnerabilities
CVE-2023-24149
TOTOLINK CA300-PoE V6.2c.884 was discovered to contain a hard code password for root which is stored in the component /etc/shadow.
CVSS Score
9.8
EPSS Score
0.001
Published
2023-02-03
CVE-2023-24142
TOTOLINK CA300-PoE V6.2c.884 was discovered to contain a command injection vulnerability via the NetDiagPingSize parameter in the setNetworkDiag function.
CVSS Score
9.8
EPSS Score
0.015
Published
2023-02-03
CVE-2023-24143
TOTOLINK CA300-PoE V6.2c.884 was discovered to contain a command injection vulnerability via the NetDiagTracertHop parameter in the setNetworkDiag function.
CVSS Score
9.8
EPSS Score
0.015
Published
2023-02-03
CVE-2023-24144
TOTOLINK CA300-PoE V6.2c.884 was discovered to contain a command injection vulnerability via the hour parameter in the setRebootScheCfg function.
CVSS Score
9.8
EPSS Score
0.015
Published
2023-02-03
CVE-2023-24145
TOTOLINK CA300-PoE V6.2c.884 was discovered to contain a command injection vulnerability via the plugin_version parameter in the setUnloadUserData function.
CVSS Score
9.8
EPSS Score
0.015
Published
2023-02-03
CVE-2023-24146
TOTOLINK CA300-PoE V6.2c.884 was discovered to contain a command injection vulnerability via the minute parameter in the setRebootScheCfg function.
CVSS Score
9.8
EPSS Score
0.015
Published
2023-02-03
CVE-2023-24138
TOTOLINK CA300-PoE V6.2c.884 was discovered to contain a command injection vulnerability via the host_time parameter in the NTPSyncWithHost function.
CVSS Score
9.8
EPSS Score
0.015
Published
2023-02-03
CVE-2023-24139
TOTOLINK CA300-PoE V6.2c.884 was discovered to contain a command injection vulnerability via the NetDiagHost parameter in the setNetworkDiag function.
CVSS Score
9.8
EPSS Score
0.015
Published
2023-02-03
CVE-2023-24140
TOTOLINK CA300-PoE V6.2c.884 was discovered to contain a command injection vulnerability via the NetDiagPingNum parameter in the setNetworkDiag function.
CVSS Score
9.8
EPSS Score
0.015
Published
2023-02-03
CVE-2023-24141
TOTOLINK CA300-PoE V6.2c.884 was discovered to contain a command injection vulnerability via the NetDiagPingTimeOut parameter in the setNetworkDiag function.
CVSS Score
9.8
EPSS Score
0.015
Published
2023-02-03


Products
Pricing
Contact Us

Shodan ® - All rights reserved