Totolink: >> N600r Firmware >> 5.3c.7159_b20190425 Security Vulnerabilities
TOTOLink N600R V5.3c.7159_B20190425 was discovered to contain a command injection vulnerability via the devicename parameter in /setting/setDeviceName.
CVSS Score
9.8
EPSS Score
0.116
Published
2022-05-10
TOTOLink N600R V5.3c.7159_B20190425 was discovered to contain a command injection vulnerability via the filename parameter in /setting/CloudACMunualUpdate.
CVSS Score
9.8
EPSS Score
0.116
Published
2022-05-10
TOTOLink N600R V5.3c.7159_B20190425 was discovered to contain a command injection vulnerability via the filename parameter in /setting/setUpgradeFW.
CVSS Score
9.8
EPSS Score
0.116
Published
2022-05-10
TOTOLink N600R V5.3c.7159_B20190425 was discovered to contain a command injection vulnerability via the filename parameter in /setting/setUploadSetting.
CVSS Score
9.8
EPSS Score
0.116
Published
2022-05-10
TOTOLink N600R V5.3c.7159_B20190425 was discovered to contain a command injection vulnerability via the devicemac parameter in /setting/setDeviceName.
CVSS Score
9.8
EPSS Score
0.116
Published
2022-05-10
TOTOLink N600R V5.3c.7159_B20190425 was discovered to contain a command injection vulnerability via the langtype parameter in /setting/setLanguageCfg.
CVSS Score
9.8
EPSS Score
0.116
Published
2022-05-10
TOTOLink N600R V5.3c.7159_B20190425 was discovered to contain a command injection vulnerability via the hosttime function in /setting/NTPSyncWithHost.
CVSS Score
9.8
EPSS Score
0.116
Published
2022-05-10
TOTOLink N600R V5.3c.7159_B20190425 was discovered to contain a command injection vulnerability via the ipdoamin parameter in /setting/setDiagnosisCfg.
CVSS Score
9.8
EPSS Score
0.116
Published
2022-05-10
TOTOLink N600R V5.3c.7159_B20190425 was discovered to contain a command injection vulnerability via the webwlanidx parameter in /setting/setWebWlanIdx.
CVSS Score
9.8
EPSS Score
0.103
Published
2022-05-10