N600r Firmware

n600r_firmware

Vendor: Totolink • 38 CVEs

CVEs (38)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2022-29394 1Totolink 1N600r Firmware Nov 21, 2024 May 10, 2022 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the macAddress parameter in the function FUN_0041b448.
CVE-2022-29393 1Totolink 1N600r Firmware Nov 21, 2024 May 10, 2022 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the comment parameter in the function FUN_004192cc.
CVE-2022-29392 1Totolink 1N600r Firmware Nov 21, 2024 May 10, 2022 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the comment parameter in the function FUN_00418c24.
CVE-2022-29391 1Totolink 1N600r Firmware Nov 21, 2024 May 10, 2022 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the comment parameter in the function FUN_004200c8.
CVE-2022-28913 1Totolink 1N600r Firmware Nov 21, 2024 May 10, 2022 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 TOTOLink N600R V5.3c.7159_B20190425 was discovered to contain a command injection vulnerability via the filename parameter in /setting/setUploadSetting.
CVE-2022-28912 1Totolink 1N600r Firmware Nov 21, 2024 May 10, 2022 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 TOTOLink N600R V5.3c.7159_B20190425 was discovered to contain a command injection vulnerability via the filename parameter in /setting/setUpgradeFW.
CVE-2022-28911 1Totolink 1N600r Firmware Nov 21, 2024 May 10, 2022 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 TOTOLink N600R V5.3c.7159_B20190425 was discovered to contain a command injection vulnerability via the filename parameter in /setting/CloudACMunualUpdate.
CVE-2022-28910 1Totolink 1N600r Firmware Nov 21, 2024 May 10, 2022 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 TOTOLink N600R V5.3c.7159_B20190425 was discovered to contain a command injection vulnerability via the devicename parameter in /setting/setDeviceName.
CVE-2022-28909 1Totolink 1N600r Firmware Nov 21, 2024 May 10, 2022 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 TOTOLink N600R V5.3c.7159_B20190425 was discovered to contain a command injection vulnerability via the webwlanidx parameter in /setting/setWebWlanIdx.
CVE-2022-28908 1Totolink 1N600r Firmware Nov 21, 2024 May 10, 2022 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 TOTOLink N600R V5.3c.7159_B20190425 was discovered to contain a command injection vulnerability via the ipdoamin parameter in /setting/setDiagnosisCfg.
CVE-2022-28907 1Totolink 1N600r Firmware Nov 21, 2024 May 10, 2022 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 TOTOLink N600R V5.3c.7159_B20190425 was discovered to contain a command injection vulnerability via the hosttime function in /setting/NTPSyncWithHost.
CVE-2022-28906 1Totolink 1N600r Firmware Nov 21, 2024 May 10, 2022 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 TOTOLink N600R V5.3c.7159_B20190425 was discovered to contain a command injection vulnerability via the langtype parameter in /setting/setLanguageCfg.
CVE-2022-28905 1Totolink 1N600r Firmware Nov 21, 2024 May 10, 2022 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 TOTOLink N600R V5.3c.7159_B20190425 was discovered to contain a command injection vulnerability via the devicemac parameter in /setting/setDeviceName.
CVE-2022-27411 1Totolink 1N600r Firmware Nov 21, 2024 May 5, 2022 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 TOTOLINK N600R v5.3c.5507_B20171031 was discovered to contain a command injection vulnerability via the QUERY_STRING parameter in the "Main" function.
CVE-2022-26189 1Totolink 1N600r Firmware Nov 21, 2024 Mar 22, 2022 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 TOTOLINK N600R V4.3.0cu.7570_B20200620 was discovered to contain a command injection vulnerability via the langType parameter in the login interface.
CVE-2022-26188 1Totolink 1N600r Firmware Nov 21, 2024 Mar 22, 2022 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 TOTOLINK N600R V4.3.0cu.7570_B20200620 was discovered to contain a command injection vulnerability via /setting/NTPSyncWithHost.
CVE-2022-26187 1Totolink 1N600r Firmware Nov 21, 2024 Mar 22, 2022 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 TOTOLINK N600R V4.3.0cu.7570_B20200620 was discovered to contain a command injection vulnerability via the pingCheck function.
CVE-2022-26186 1Totolink 1N600r Firmware Nov 21, 2024 Mar 22, 2022 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 TOTOLINK N600R V4.3.0cu.7570_B20200620 was discovered to contain a command injection vulnerability via the exportOvpn interface at cstecgi.cgi.

Previous 12