A3300r Firmware

a3300r_firmware

Vendor: Totolink • 64 CVEs

CVEs (64)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2023-37172 1Totolink 1A3300r Firmware Nov 21, 2024 Jul 7, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection vulnerability via the ip parameter in the setDiagnosisCfg function.
CVE-2023-37171 1Totolink 1A3300r Firmware Nov 21, 2024 Jul 7, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection vulnerability via the admuser parameter in the setPasswordCfg function.
CVE-2023-37170 1Totolink 1A3300r Firmware Nov 21, 2024 Jul 7, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain an unauthenticated remote code execution (RCE) vulnerability via the lang parameter in the setLanguageCfg function.
CVE-2023-31729 1Totolink 1A3300r Firmware Jan 22, 2025 May 18, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 TOTOLINK A3300R v17.0.0cu.557 is vulnerable to Command Injection via /cgi-bin/cstecgi.cgi.