A7100ru_firmware - Vulncode-DB

Note:

This project will be discontinued after December 13, 2021. [more]

Product:
A7100ru_firmware
(Totolink)

Repositories	Unknown: This might be proprietary software.
#Vulnerabilities	36

Date	Id	Summary	Products	Score	Patch	Annotated
2023-01-17	CVE-2022-47853	TOTOlink A7100RU V7.4cu.2313_B20191024 is vulnerable to Command Injection Vulnerability in the httpd service. An attacker can obtain a stable root shell through a specially constructed payload.	A7100ru_firmware	9.8
2023-01-20	CVE-2022-48121	TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the rsabits parameter in the setting/delStaticDhcpRules function.	A7100ru_firmware	9.8
2023-01-20	CVE-2022-48122	TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the dayvalid parameter in the setting/delStaticDhcpRules function.	A7100ru_firmware	9.8
2023-01-20	CVE-2022-48124	TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the FileName parameter in the setting/setOpenVpnCertGenerationCfg function.	A7100ru_firmware	9.8
2023-01-20	CVE-2022-48123	TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the servername parameter in the setting/delStaticDhcpRules function.	A7100ru_firmware	9.8
2023-01-20	CVE-2022-48125	TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the password parameter in the setting/setOpenVpnCertGenerationCfg function.	A7100ru_firmware	9.8
2023-01-20	CVE-2022-48126	TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the username parameter in the setting/setOpenVpnCertGenerationCfg function.	A7100ru_firmware	9.8
2023-06-07	CVE-2023-33556	TOTOLink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the staticGw parameter at /setting/setWanIeCfg.	A7100ru_firmware	9.8
2023-05-05	CVE-2023-30053	TOTOLINK A7100RU V7.4cu.2313_B20191024 is vulnerable to Command Injection.	A7100ru_firmware	9.8
2023-05-05	CVE-2023-30054	TOTOLINK A7100RU V7.4cu.2313_B20191024 has a Command Injection vulnerability. An attacker can obtain a stable root shell through a specially constructed payload.	A7100ru_firmware	9.8