Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Totolink Subscribe
Filtered by product T10
Total 5 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-25137 1 Totolink 4 T10, T10 Firmware, T6 and 1 more 2022-02-28 7.5 HIGH 9.8 CRITICAL
A command injection vulnerability in the function recvSlaveUpgstatus of TOTOLINK Technology routers T6 V3_Firmware T6_V3_V4.1.5cu.748_B20211015 and T10 V2_Firmware V4.1.8cu.5207_B20210320 allows attackers to execute arbitrary commands via a crafted MQTT packet.
CVE-2022-25136 1 Totolink 4 T10, T10 Firmware, T6 and 1 more 2022-02-28 7.5 HIGH 9.8 CRITICAL
A command injection vulnerability in the function meshSlaveUpdate of TOTOLINK Technology routers T6 V3_Firmware T6_V3_V4.1.5cu.748_B20211015 and T10 V2_Firmware V4.1.8cu.5207_B20210320 allows attackers to execute arbitrary commands via a crafted MQTT packet.
CVE-2022-25132 1 Totolink 4 T10, T10 Firmware, T6 and 1 more 2022-02-28 7.5 HIGH 9.8 CRITICAL
A command injection vulnerability in the function meshSlaveDlfw of TOTOLINK Technology router T6 V3_Firmware T6_V3_V4.1.5cu.748_B20211015 allows attackers to execute arbitrary commands via a crafted MQTT packet.
CVE-2022-25130 1 Totolink 4 T10, T10 Firmware, T6 and 1 more 2022-02-28 7.5 HIGH 9.8 CRITICAL
A command injection vulnerability in the function updateWifiInfo of TOTOLINK Technology routers T6 V3_Firmware T6_V3_V4.1.5cu.748_B20211015 and T10 V2_Firmware V4.1.8cu.5207_B20210320 allows attackers to execute arbitrary commands via a crafted MQTT packet.
CVE-2022-25131 1 Totolink 4 T10, T10 Firmware, T6 and 1 more 2022-02-28 7.5 HIGH 9.8 CRITICAL
A command injection vulnerability in the function recvSlaveCloudCheckStatus of TOTOLINK Technology routers T6 V3_Firmware T6_V3_V4.1.5cu.748_B20211015 and T10 V2_Firmware V4.1.8cu.5207_B20210320 allows attackers to execute arbitrary commands via a crafted MQTT packet.