Shodan
Vulnerabilities
Vulnerable Software
Totolink:  Security Vulnerabilities
CVE-2024-37639
TOTOLINK A3700R V9.1.2u.6165_20211012 was discovered to contain a stack overflow via eport in the function setIpPortFilterRules.
CVSS Score
8.8
EPSS Score
0.001
Published
2024-06-14
CVE-2024-37631
TOTOLINK A3700R V9.1.2u.6165_20211012 was discovered to contain a stack overflow via the File parameter in function UploadCustomModule.
CVSS Score
8.8
EPSS Score
0.001
Published
2024-06-13
CVE-2024-37632
TOTOLINK A3700R V9.1.2u.6165_20211012 was discovered to contain a stack overflow via the password parameter in function loginAuth .
CVSS Score
9.8
EPSS Score
0.009
Published
2024-06-13
CVE-2024-37633
TOTOLINK A3700R V9.1.2u.6165_20211012 was discovered to contain a stack overflow via ssid in the function setWiFiGuestCfg
CVSS Score
8.8
EPSS Score
0.002
Published
2024-06-13
CVE-2024-37634
TOTOLINK A3700R V9.1.2u.6165_20211012 was discovered to contain a stack overflow via ssid in the function setWiFiEasyCfg.
CVSS Score
9.8
EPSS Score
0.002
Published
2024-06-13
CVE-2024-37635
TOTOLINK A3700R V9.1.2u.6165_20211012 was discovered to contain a stack overflow via ssid in the function setWiFiBasicCfg
CVSS Score
9.8
EPSS Score
0.019
Published
2024-06-13
CVE-2024-36650
TOTOLINK AC1200 Wireless Dual Band Gigabit Router firmware A3100R V4.1.2cu.5247_B20211129, in the cgi function `setNoticeCfg` of the file `/lib/cste_modules/system.so`, the length of the user input string `NoticeUrl` is not checked. This can lead to a buffer overflow, allowing attackers to construct malicious HTTP or MQTT requests to cause a denial-of-service attack.
CVSS Score
7.5
EPSS Score
0.003
Published
2024-06-11
CVE-2024-36782
TOTOLINK CP300 V2.0.4-B20201102 was discovered to contain a hardcoded password vulnerability in /etc/shadow.sample, which allows attackers to log in as root.
CVSS Score
9.8
EPSS Score
0.004
Published
2024-06-03
CVE-2024-36783
TOTOLINK LR350 V9.3.5u.6369_B20220309 was discovered to contain a command injection via the host_time parameter in the NTPSyncWithHost function.
CVSS Score
9.8
EPSS Score
0.002
Published
2024-06-03
CVE-2024-35403
TOTOLINK CP900L v4.1.5cu.798_B20221228 was discovered to contain a stack overflow via the desc parameter in the function setIpPortFilterRules
CVSS Score
2.7
EPSS Score
0.0
Published
2024-05-28


Products
Pricing
Contact Us

Shodan ® - All rights reserved