N600r_firmware - Vulncode-DB

Note:

This project will be discontinued after December 13, 2021. [more]

Product:
N600r_firmware
(Totolink)

Repositories	Unknown: This might be proprietary software.
#Vulnerabilities	25

Date	Id	Summary	Products	Score	Patch	Annotated
2023-09-25	CVE-2023-43141	TOTOLINK A3700R V9.1.2u.6134_B20201202 and N600R V5.3c.5137 are vulnerable to Incorrect Access Control.	A3700r_firmware, N600r_firmware	9.8
2022-05-05	CVE-2022-27411	TOTOLINK N600R v5.3c.5507_B20171031 was discovered to contain a command injection vulnerability via the QUERY_STRING parameter in the "Main" function.	N600r_firmware	9.8
2022-05-10	CVE-2022-28905	TOTOLink N600R V5.3c.7159_B20190425 was discovered to contain a command injection vulnerability via the devicemac parameter in /setting/setDeviceName.	N600r_firmware	9.8
2022-05-10	CVE-2022-28906	TOTOLink N600R V5.3c.7159_B20190425 was discovered to contain a command injection vulnerability via the langtype parameter in /setting/setLanguageCfg.	N600r_firmware	9.8
2022-05-10	CVE-2022-28908	TOTOLink N600R V5.3c.7159_B20190425 was discovered to contain a command injection vulnerability via the ipdoamin parameter in /setting/setDiagnosisCfg.	N600r_firmware	9.8
2022-05-10	CVE-2022-28907	TOTOLink N600R V5.3c.7159_B20190425 was discovered to contain a command injection vulnerability via the hosttime function in /setting/NTPSyncWithHost.	N600r_firmware	9.8
2022-05-10	CVE-2022-28909	TOTOLink N600R V5.3c.7159_B20190425 was discovered to contain a command injection vulnerability via the webwlanidx parameter in /setting/setWebWlanIdx.	N600r_firmware	9.8
2022-05-10	CVE-2022-28910	TOTOLink N600R V5.3c.7159_B20190425 was discovered to contain a command injection vulnerability via the devicename parameter in /setting/setDeviceName.	N600r_firmware	9.8
2022-05-10	CVE-2022-28911	TOTOLink N600R V5.3c.7159_B20190425 was discovered to contain a command injection vulnerability via the filename parameter in /setting/CloudACMunualUpdate.	N600r_firmware	9.8
2022-05-10	CVE-2022-28912	TOTOLink N600R V5.3c.7159_B20190425 was discovered to contain a command injection vulnerability via the filename parameter in /setting/setUpgradeFW.	N600r_firmware	9.8