Note:
This project will be discontinued after December 13, 2021. [more]
Product:
N600r_firmware
(Totolink)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 25 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2022-03-22 | CVE-2022-26186 | TOTOLINK N600R V4.3.0cu.7570_B20200620 was discovered to contain a command injection vulnerability via the exportOvpn interface at cstecgi.cgi. | N600r_firmware | 9.8 | ||
| 2022-03-22 | CVE-2022-26187 | TOTOLINK N600R V4.3.0cu.7570_B20200620 was discovered to contain a command injection vulnerability via the pingCheck function. | N600r_firmware | 9.8 | ||
| 2022-03-22 | CVE-2022-26188 | TOTOLINK N600R V4.3.0cu.7570_B20200620 was discovered to contain a command injection vulnerability via /setting/NTPSyncWithHost. | N600r_firmware | 9.8 | ||
| 2022-03-22 | CVE-2022-26189 | TOTOLINK N600R V4.3.0cu.7570_B20200620 was discovered to contain a command injection vulnerability via the langType parameter in the login interface. | N600r_firmware | 9.8 | ||
| 2022-05-05 | CVE-2022-27411 | TOTOLINK N600R v5.3c.5507_B20171031 was discovered to contain a command injection vulnerability via the QUERY_STRING parameter in the "Main" function. | N600r_firmware | 9.8 | ||
| 2022-05-10 | CVE-2022-28905 | TOTOLink N600R V5.3c.7159_B20190425 was discovered to contain a command injection vulnerability via the devicemac parameter in /setting/setDeviceName. | N600r_firmware | 9.8 | ||
| 2022-05-10 | CVE-2022-28907 | TOTOLink N600R V5.3c.7159_B20190425 was discovered to contain a command injection vulnerability via the hosttime function in /setting/NTPSyncWithHost. | N600r_firmware | 9.8 | ||
| 2022-05-10 | CVE-2022-28906 | TOTOLink N600R V5.3c.7159_B20190425 was discovered to contain a command injection vulnerability via the langtype parameter in /setting/setLanguageCfg. | N600r_firmware | 9.8 | ||
| 2022-05-10 | CVE-2022-28908 | TOTOLink N600R V5.3c.7159_B20190425 was discovered to contain a command injection vulnerability via the ipdoamin parameter in /setting/setDiagnosisCfg. | N600r_firmware | 9.8 | ||
| 2022-05-10 | CVE-2022-28910 | TOTOLink N600R V5.3c.7159_B20190425 was discovered to contain a command injection vulnerability via the devicename parameter in /setting/setDeviceName. | N600r_firmware | 9.8 |