Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Totolink Subscribe
Filtered by product A7100ru Firmware
Total 25 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-25395 1 Totolink 2 A7100ru, A7100ru Firmware 2023-03-14 N/A 9.8 CRITICAL
TOTOlink A7100RU V7.4cu.2313_B20191024 router has a command injection vulnerability.
CVE-2023-24184 1 Totolink 2 A7100ru, A7100ru Firmware 2023-03-02 N/A 9.8 CRITICAL
TOTOLink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability.
CVE-2023-24238 1 Totolink 2 A7100ru, A7100ru Firmware 2023-02-24 N/A 9.8 CRITICAL
TOTOlink A7100RU(V7.4cu.2313_B20191024) was discovered to contain a command injection vulnerability via the city parameter at setting/delStaticDhcpRules.
CVE-2023-24236 1 Totolink 2 A7100ru, A7100ru Firmware 2023-02-24 N/A 9.8 CRITICAL
TOTOlink A7100RU(V7.4cu.2313_B20191024) was discovered to contain a command injection vulnerability via the province parameter at setting/delStaticDhcpRules.
CVE-2023-24276 1 Totolink 2 A7100ru, A7100ru Firmware 2023-02-13 N/A 9.8 CRITICAL
TOTOlink A7100RU(V7.4cu.2313_B20191024) was discovered to contain a command injection vulnerability via the country parameter at setting/delStaticDhcpRules.
CVE-2022-48125 1 Totolink 2 A7100ru, A7100ru Firmware 2023-01-26 N/A 9.8 CRITICAL
TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the password parameter in the setting/setOpenVpnCertGenerationCfg function.
CVE-2022-48124 1 Totolink 2 A7100ru, A7100ru Firmware 2023-01-26 N/A 9.8 CRITICAL
TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the FileName parameter in the setting/setOpenVpnCertGenerationCfg function.
CVE-2022-48123 1 Totolink 2 A7100ru, A7100ru Firmware 2023-01-26 N/A 9.8 CRITICAL
TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the servername parameter in the setting/delStaticDhcpRules function.
CVE-2022-48122 1 Totolink 2 A7100ru, A7100ru Firmware 2023-01-26 N/A 9.8 CRITICAL
TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the dayvalid parameter in the setting/delStaticDhcpRules function.
CVE-2022-48121 1 Totolink 2 A7100ru, A7100ru Firmware 2023-01-26 N/A 9.8 CRITICAL
TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the rsabits parameter in the setting/delStaticDhcpRules function.
CVE-2022-48126 1 Totolink 2 A7100ru, A7100ru Firmware 2023-01-26 N/A 9.8 CRITICAL
TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the username parameter in the setting/setOpenVpnCertGenerationCfg function.
CVE-2022-47853 1 Totolink 2 A7100ru, A7100ru Firmware 2023-01-24 N/A 9.8 CRITICAL
TOTOlink A7100RU V7.4cu.2313_B20191024 is vulnerable to Command Injection Vulnerability in the httpd service. An attacker can obtain a stable root shell through a specially constructed payload.
CVE-2022-46634 1 Totolink 2 A7100ru, A7100ru Firmware 2022-12-21 N/A 9.8 CRITICAL
TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the wscDisabled parameter in the setting/setWiFiWpsCfg function.
CVE-2022-46631 1 Totolink 2 A7100ru, A7100ru Firmware 2022-12-21 N/A 9.8 CRITICAL
TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the wscDisabled parameter in the setting/setWiFiSignalCfg function.
CVE-2022-44844 1 Totolink 2 A7100ru, A7100ru Firmware 2022-12-01 N/A 9.8 CRITICAL
TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the pass parameter in the setting/setOpenVpnCfg function.
CVE-2022-44843 1 Totolink 2 A7100ru, A7100ru Firmware 2022-12-01 N/A 9.8 CRITICAL
TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the port parameter in the setting/setOpenVpnClientCfg function.
CVE-2022-28579 1 Totolink 2 A7100ru, A7100ru Firmware 2022-05-13 10.0 HIGH 9.8 CRITICAL
It is found that there is a command injection vulnerability in the setParentalRules interface in TOTOlink A7100RU (v7.4cu.2313_b20191024) router, which allows an attacker to execute arbitrary commands through a carefully constructed payload.
CVE-2022-28580 1 Totolink 2 A7100ru, A7100ru Firmware 2022-05-12 10.0 HIGH 9.8 CRITICAL
It is found that there is a command injection vulnerability in the setL2tpServerCfg interface in TOTOlink A7100RU (v7.4cu.2313_b20191024) router, which allows an attacker to execute arbitrary commands through a carefully constructed payload.
CVE-2022-28584 1 Totolink 2 A7100ru, A7100ru Firmware 2022-05-12 10.0 HIGH 9.8 CRITICAL
It is found that there is a command injection vulnerability in the setWiFiWpsStart interface in TOTOlink A7100RU (v7.4cu.2313_b20191024) router, which allows an attacker to execute arbitrary commands through a carefully constructed payload.
CVE-2022-28583 1 Totolink 2 A7100ru, A7100ru Firmware 2022-05-12 10.0 HIGH 9.8 CRITICAL
It is found that there is a command injection vulnerability in the setWiFiWpsCfg interface in TOTOlink A7100RU (v7.4cu.2313_b20191024) router, which allows an attacker to execute arbitrary commands through a carefully constructed payload.