Totolink A3300R Firmware vulnerabilities
64 known vulnerabilities affecting totolink/a3300r_firmware.
Total CVEs
64
CISA KEV
0
Public exploits
2
Exploited in wild
0
Severity breakdown
CRITICAL29HIGH9MEDIUM18LOW8
Vulnerabilities
Page 4 of 4
CVE-2023-37170CRITICALCVSS 9.8v17.0.0cu.557_b202210242023-07-07
CVE-2023-37170 [CRITICAL] CWE-78 CVE-2023-37170: TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain an unauthenticated remote code exe
TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain an unauthenticated remote code execution (RCE) vulnerability via the lang parameter in the setLanguageCfg function.
nvd
CVE-2023-37172CRITICALCVSS 9.8v17.0.0cu.557_b202210242023-07-07
CVE-2023-37172 [CRITICAL] CWE-78 CVE-2023-37172: TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection vulnerability
TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection vulnerability via the ip parameter in the setDiagnosisCfg function.
nvd
CVE-2023-37171CRITICALCVSS 9.8v17.0.0cu.557_b202210242023-07-07
CVE-2023-37171 [CRITICAL] CWE-78 CVE-2023-37171: TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection vulnerability
TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection vulnerability via the admuser parameter in the setPasswordCfg function.
nvd
CVE-2023-31729CRITICALCVSS 9.8v17.0.0cu.5572023-05-18
CVE-2023-31729 [CRITICAL] CWE-77 CVE-2023-31729: TOTOLINK A3300R v17.0.0cu.557 is vulnerable to Command Injection via /cgi-bin/cstecgi.cgi.
TOTOLINK A3300R v17.0.0cu.557 is vulnerable to Command Injection via /cgi-bin/cstecgi.cgi.
nvd
← Previous4 / 4