Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
a3002ru_firmware vulnerabilities and exploits
(subscribe to this query)
890
VMScore
CVE-2018-13314
System command injection in formAliasIp in TOTOLINK A3002RU version 1.0.8 allows malicious users to execute system commands via the "ipAddr" POST parameter.
Totolink A3002ru Firmware 1.0.8
890
VMScore
CVE-2018-13316
System command injection in formAliasIp in TOTOLINK A3002RU version 1.0.8 allows malicious users to execute system commands via the "subnet" POST parameter.
Totolink A3002ru Firmware 1.0.8
NA
CVE-2023-48859
TOTOLINK A3002RU version 2.0.0-B20190902.1958 has a post-authentication RCE due to incorrect access control, allows malicious users to bypass front-end security restrictions and execute arbitrary code.
Totolink A3002ru Firmware 2.0.0-b20190902.1958
NA
CVE-2022-35491
TOTOLINK A3002RU V3.0.0-B20220304.1804 has a hardcoded password for root in /etc/shadow.sample.
Totolink A3002ru Firmware 3.0.0-b20220304.1804
801
VMScore
CVE-2019-19824
On certain TOTOLINK Realtek SDK based routers, an authenticated attacker may execute arbitrary OS commands via the sysCmd parameter to the boafrm/formSysCmd URI, even if the GUI (syscmd.htm) is not available. This allows for full control over the device's internals. This aff...
Totolink A3002ru Firmware
Totolink A702r Firmware
Totolink N301rt Firmware
Totolink N302r Firmware
Totolink N300rt Firmware
Totolink N200re Firmware
Totolink N150rt Firmware
Totolink N100re Firmware
1 Github repository
668
VMScore
CVE-2019-19825
On certain TOTOLINK Realtek SDK based routers, the CAPTCHA text can be retrieved via an {"topicurl":"setting/getSanvas"} POST to the boafrm/formLogin URI, leading to a CAPTCHA bypass. (Also, the CAPTCHA text is not needed once the attacker has determined valid...
Totolink A3002ru Firmware
Totolink A702r Firmware
Totolink N301rt Firmware
Totolink N302r Firmware
Totolink N300rt Firmware
Totolink N200re Firmware
Totolink N150rt Firmware
Totolink N100re Firmware
445
VMScore
CVE-2019-19822
A certain router administration interface (that includes Realtek APMIB 0.11f for Boa 0.94.14rc21) allows remote malicious users to retrieve the configuration, including sensitive data (usernames and passwords). This affects TOTOLINK A3002RU up to and including 2.0.0, A702R up to ...
Totolink A3002ru Firmware
Totolink A702r Firmware
Totolink N302r Firmware
Totolink N300rt Firmware
Totolink N200re Firmware
Totolink N150rt Firmware
Totolink N100re Firmware
Realtek Rtk 11n Ap Firmware
Sapido Gr297n Firmware
Ciktel Mesh Router Firmware
Kctvjeju Wireless Ap Firmware
Fg-products Fgn-r2 Firmware
Hiwifi Max-c300n Firmware
Tbroad Gn-866ac Firmware
Coship Emta Ap Firmwre
Iodata Wn-ac1167r Firmwre
Hcn Max-c300n Project Hcn Max-c300n Firmware
Totolink N301rt Firmware
1 Github repository
445
VMScore
CVE-2019-19823
A certain router administration interface (that includes Realtek APMIB 0.11f for Boa 0.94.14rc21) stores cleartext administrative passwords in flash memory and in a file. This affects TOTOLINK A3002RU up to and including 2.0.0, A702R up to and including 2.1.3, N301RT up to and in...
Totolink A3002ru Firmware
Totolink A702r Firmware
Totolink N302r Firmware
Totolink N300rt Firmware
Totolink N200re Firmware
Totolink N150rt Firmware
Totolink N100re Firmware
Realtek Rtk 11n Ap Firmware
Sapido Gr297n Firmware
Ciktel Mesh Router Firmware
Kctvjeju Wireless Ap Firmware
Fg-products Fgn-r2 Firmware
Hiwifi Max-c300n Firmware
Tbroad Gn-866ac Firmware
Coship Emta Ap Firmwre
Iodata Wn-ac1167r Firmwre
Hcn Max-c300n Project Hcn Max-c300n Firmware
Totolink N301rt Firmware
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2