A7000r Firmware

a7000r_firmware

Vendor: Totolink • 35 CVEs

CVEs (35)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2023-36947 1Totolink 2A7000r Firmware X5000r Firmware Nov 21, 2024 Oct 16, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 TOTOLINK X5000R V9.1.0u.6118_B20201102 and TOTOLINK A7000R V9.1.0u.6115_B20201022 was discovered to contain a stack overflow via the File parameter in the function UploadCustomModule.
CVE-2022-32993 1Totolink 1A7000r Firmware Nov 21, 2024 Aug 29, 2022 N/A· v4 9.8 CRITICAL· v3 N/A· v2 TOTOLINK A7000R V4.1cu.4134 was discovered to contain an access control issue via /cgi-bin/ExportSettings.sh.
CVE-2022-37084 1Totolink 1A7000r Firmware Nov 21, 2024 Aug 25, 2022 N/A· v4 7.8 HIGH· v3 N/A· v2 TOTOLINK A7000R V9.1.0u.6115_B20201022 was discovered to contain a stack overflow via the sPort parameter at the addEffect function.
CVE-2022-37083 1Totolink 1A7000r Firmware Nov 21, 2024 Aug 25, 2022 N/A· v4 7.8 HIGH· v3 N/A· v2 TOTOLINK A7000R V9.1.0u.6115_B20201022 was discovered to contain a command injection vulnerability via the ip parameter at the function setDiagnosisCfg.
CVE-2022-37082 1Totolink 1A7000r Firmware Nov 21, 2024 Aug 25, 2022 N/A· v4 7.8 HIGH· v3 N/A· v2 TOTOLINK A7000R V9.1.0u.6115_B20201022 was discovered to contain a command injection vulnerability via the host_time parameter at the function NTPSyncWithHost.
CVE-2022-37081 1Totolink 1A7000r Firmware Nov 21, 2024 Aug 25, 2022 N/A· v4 7.8 HIGH· v3 N/A· v2 TOTOLINK A7000R V9.1.0u.6115_B20201022 was discovered to contain a command injection vulnerability via the command parameter at setting/setTracerouteCfg.
CVE-2022-37080 1Totolink 1A7000r Firmware Nov 21, 2024 Aug 25, 2022 N/A· v4 7.8 HIGH· v3 N/A· v2 TOTOLINK A7000R V9.1.0u.6115_B20201022 was discovered to contain a stack overflow via the command parameter at setting/setTracerouteCfg.
CVE-2022-37079 1Totolink 1A7000r Firmware Nov 21, 2024 Aug 25, 2022 N/A· v4 7.8 HIGH· v3 N/A· v2 TOTOLINK A7000R V9.1.0u.6115_B20201022 was discovered to contain a command injection vulnerability via the hostName parameter in the function setOpModeCfg.
CVE-2022-37078 1Totolink 1A7000r Firmware Nov 21, 2024 Aug 25, 2022 N/A· v4 7.8 HIGH· v3 N/A· v2 TOTOLINK A7000R V9.1.0u.6115_B20201022 was discovered to contain a command injection vulnerability via the lang parameter at /setting/setLanguageCfg.
CVE-2022-37077 1Totolink 1A7000r Firmware Nov 21, 2024 Aug 25, 2022 N/A· v4 7.8 HIGH· v3 N/A· v2 TOTOLINK A7000R V9.1.0u.6115_B20201022 was discovered to contain a stack overflow via the pppoeUser parameter.
CVE-2022-37076 1Totolink 1A7000r Firmware Nov 21, 2024 Aug 25, 2022 N/A· v4 7.8 HIGH· v3 N/A· v2 TOTOLINK A7000R V9.1.0u.6115_B20201022 was discovered to contain a command injection vulnerability via the FileName parameter in the function UploadFirmwareFile.
CVE-2022-37075 1Totolink 1A7000r Firmware Nov 21, 2024 Aug 25, 2022 N/A· v4 7.8 HIGH· v3 N/A· v2 TOTOLink A7000R V9.1.0u.6115_B20201022 was discovered to contain a stack overflow via the ip parameter in the function setDiagnosisCfg.
CVE-2022-27005 1Totolink 2A7000r Firmware X5000r Firmware Nov 21, 2024 Mar 15, 2022 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 Totolink routers s X5000R V9.1.0u.6118_B20201102 and A7000R V9.1.0u.6115_B20201022 were discovered to contain a command injection vulnerability in the setWanCfg function via the hostName parameter. This vulnerability all...Show more Totolink routers s X5000R V9.1.0u.6118_B20201102 and A7000R V9.1.0u.6115_B20201022 were discovered to contain a command injection vulnerability in the setWanCfg function via the hostName parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request.Show less
CVE-2022-27004 1Totolink 2A7000r Firmware X5000r Firmware Nov 21, 2024 Mar 15, 2022 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 Totolink routers s X5000R V9.1.0u.6118_B20201102 and A7000R V9.1.0u.6115_B20201022 were discovered to contain a command injection vulnerability in the Tunnel 6in4 function via the remote6in4 parameter. This vulnerability...Show more Totolink routers s X5000R V9.1.0u.6118_B20201102 and A7000R V9.1.0u.6115_B20201022 were discovered to contain a command injection vulnerability in the Tunnel 6in4 function via the remote6in4 parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request.Show less
CVE-2022-27003 1Totolink 2A7000r Firmware X5000r Firmware Nov 21, 2024 Mar 15, 2022 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 Totolink routers s X5000R V9.1.0u.6118_B20201102 and A7000R V9.1.0u.6115_B20201022 were discovered to contain a command injection vulnerability in the Tunnel 6rd function via the relay6rd parameter. This vulnerability al...Show more Totolink routers s X5000R V9.1.0u.6118_B20201102 and A7000R V9.1.0u.6115_B20201022 were discovered to contain a command injection vulnerability in the Tunnel 6rd function via the relay6rd parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request.Show less

Previous 12