Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
totolink a3100r firmware vulnerabilities and exploits
(subscribe to this query)
8.1
CVSSv3
CVE-2022-29639
TOTOLINK A3100R V4.1.2cu.5050_B20200504 and V4.1.2cu.5247_B20211129 were discovered to contain a command injection vulnerability via the magicid parameter in the function uci_cloudupdate_config.
Totolink A3100r Firmware 4.1.2cu.5050 B20200504
Totolink A3100r Firmware 4.1.2cu.5247 B20211129
7.5
CVSSv3
CVE-2022-29641
TOTOLINK A3100R V4.1.2cu.5050_B20200504 and V4.1.2cu.5247_B20211129 were discovered to contain a stack overflow via the startTime and endTime parameters in the function setParentalRules. This vulnerability allows malicious users to cause a Denial of Service (DoS) via a crafted PO...
Totolink A3100r Firmware 4.1.2cu.5050 B20200504
Totolink A3100r Firmware 4.1.2cu.5247 B20211129
9.8
CVSSv3
CVE-2022-29644
TOTOLINK A3100R V4.1.2cu.5050_B20200504 and V4.1.2cu.5247_B20211129 were discovered to contain a hard coded password for the telnet service stored in the component /web_cste/cgi-bin/product.ini.
Totolink A3100r Firmware 4.1.2cu.5050 B20200504
Totolink A3100r Firmware 4.1.2cu.5247 B20211129
9.8
CVSSv3
CVE-2022-29645
TOTOLINK A3100R V4.1.2cu.5050_B20200504 and V4.1.2cu.5247_B20211129 were discovered to contain a hard coded password for root stored in the component /etc/shadow.sample.
Totolink A3100r Firmware 4.1.2cu.5050 B20200504
Totolink A3100r Firmware 4.1.2cu.5247 B20211129
5.3
CVSSv3
CVE-2022-29646
An access control issue in TOTOLINK A3100R V4.1.2cu.5050_B20200504 and V4.1.2cu.5247_B20211129 allows malicious users to obtain sensitive information via a crafted web request.
Totolink A3100r Firmware 4.1.2cu.5050 B20200504
Totolink A3100r Firmware 4.1.2cu.5247 B20211129
7.5
CVSSv3
CVE-2022-29638
TOTOLINK A3100R V4.1.2cu.5050_B20200504 and V4.1.2cu.5247_B20211129 were discovered to contain a stack overflow via the comment parameter in the function setIpQosRules. This vulnerability allows malicious users to cause a Denial of Service (DoS) via a crafted POST request.
Totolink A3100r Firmware 4.1.2cu.5050 B20200504
Totolink A3100r Firmware 4.1.2cu.5247 B20211129
7.5
CVSSv3
CVE-2022-29640
TOTOLINK A3100R V4.1.2cu.5050_B20200504 and V4.1.2cu.5247_B20211129 were discovered to contain a stack overflow via the comment parameter in the function setPortForwardRules. This vulnerability allows malicious users to cause a Denial of Service (DoS) via a crafted POST request.
Totolink A3100r Firmware 4.1.2cu.5050 B20200504
Totolink A3100r Firmware 4.1.2cu.5247 B20211129
7.5
CVSSv3
CVE-2022-29642
TOTOLINK A3100R V4.1.2cu.5050_B20200504 and V4.1.2cu.5247_B20211129 were discovered to contain a stack overflow via the url parameter in the function setUrlFilterRules. This vulnerability allows malicious users to cause a Denial of Service (DoS) via a crafted POST request.
Totolink A3100r Firmware 4.1.2cu.5050 B20200504
Totolink A3100r Firmware 4.1.2cu.5247 B20211129
7.5
CVSSv3
CVE-2022-29643
TOTOLINK A3100R V4.1.2cu.5050_B20200504 and V4.1.2cu.5247_B20211129 were discovered to contain a stack overflow via the macAddress parameter in the function setMacQos. This vulnerability allows malicious users to cause a Denial of Service (DoS) via a crafted POST request.
Totolink A3100r Firmware 4.1.2cu.5050 B20200504
Totolink A3100r Firmware 4.1.2cu.5247 B20211129
9.8
CVSSv3
CVE-2021-44620
A Command Injection vulnerability exits in TOTOLINK A3100R <=V4.1.2cu.5050_B20200504 in adm/ntm.asp via the hosTime parameters.
Totolink A3100r Firmware
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-6267
XML injection
CVE-2024-37673
CVE-2024-6266
CVE-2024-30078
arbitrary
CVE-2024-36886
CVE-2024-5346
template injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »