Total
25 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2024-24325 | 1 Totolink | 2 A3300r, A3300r Firmware | 2024-02-05 | N/A | 9.8 CRITICAL |
TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection vulnerability via the enable parameter in the setParentalRules function. | |||||
CVE-2023-37172 | 1 Totolink | 2 A3300r, A3300r Firmware | 2024-02-04 | N/A | 9.8 CRITICAL |
TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection vulnerability via the ip parameter in the setDiagnosisCfg function. | |||||
CVE-2023-37171 | 1 Totolink | 2 A3300r, A3300r Firmware | 2024-02-04 | N/A | 9.8 CRITICAL |
TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection vulnerability via the admuser parameter in the setPasswordCfg function. | |||||
CVE-2023-37170 | 1 Totolink | 2 A3300r, A3300r Firmware | 2024-02-04 | N/A | 9.8 CRITICAL |
TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain an unauthenticated remote code execution (RCE) vulnerability via the lang parameter in the setLanguageCfg function. | |||||
CVE-2023-37173 | 1 Totolink | 2 A3300r, A3300r Firmware | 2024-02-04 | N/A | 9.8 CRITICAL |
TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection vulnerability via the command parameter in the setTracerouteCfg function. |