Note:
This project will be discontinued after December 13, 2021. [more]
Product:
N300rh\-V3_firmware
(Totolink)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 3 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2020-12-09 | CVE-2020-25499 | TOTOLINK A3002RU-V2.0.0 B20190814.1034 allows authenticated remote users to modify the system's 'Run Command'. An attacker can use this functionality to execute arbitrary OS commands on the router. | A3002r_firmware, A3002ru\-V1_firmware, A3002ru\-V2_firmware, A702r\-V2_firmware, A702r\-V3_firmware, N100re\-V3_firmware, N150rt_firmware, N200re\-V3_firmware, N200re\-V4_firmware, N210re_firmware, N300rh\-V3_firmware, N300rt_firmware, N302r_plus_firmware | 8.8 | ||
| 2020-11-24 | CVE-2015-9551 | An issue was discovered on TOTOLINK A850R-V1 through 1.0.1-B20150707.1612 and F1-V2 through 1.1-B20150708.1646 devices. There is Remote Code Execution in the management interface via the formSysCmd sysCmd parameter. | A850r\-V1_firmware, F1\-V2_firmware, F2\-V1_firmware, N150rt\-V2_firmware, N151rt\-V2_firmware, N300rh\-V2_firmware, N300rh\-V3_firmware, N300rt\-V2_firmware | 9.8 | ||
| 2020-11-24 | CVE-2015-9550 | An issue was discovered on TOTOLINK A850R-V1 through 1.0.1-B20150707.1612 and F1-V2 through 1.1-B20150708.1646 devices. By sending a specific hel,xasf packet to the WAN interface, it is possible to open the web management interface on the WAN interface. | A850r\-V1_firmware, F1\-V2_firmware, F2\-V1_firmware, N150rt\-V2_firmware, N151rt\-V2_firmware, N300rh\-V2_firmware, N300rh\-V3_firmware, N300rt\-V2_firmware | 7.5 |