N600r_firmware - Vulncode-DB

Note:

This project will be discontinued after December 13, 2021. [more]

Product:
N600r_firmware
(Totolink)

Repositories	Unknown: This might be proprietary software.
#Vulnerabilities	25

Date	Id	Summary	Products	Score	Patch	Annotated
2022-05-10	CVE-2022-28907	TOTOLink N600R V5.3c.7159_B20190425 was discovered to contain a command injection vulnerability via the hosttime function in /setting/NTPSyncWithHost.	N600r_firmware	9.8
2022-05-10	CVE-2022-28909	TOTOLink N600R V5.3c.7159_B20190425 was discovered to contain a command injection vulnerability via the webwlanidx parameter in /setting/setWebWlanIdx.	N600r_firmware	9.8
2022-05-10	CVE-2022-28910	TOTOLink N600R V5.3c.7159_B20190425 was discovered to contain a command injection vulnerability via the devicename parameter in /setting/setDeviceName.	N600r_firmware	9.8
2022-05-10	CVE-2022-28911	TOTOLink N600R V5.3c.7159_B20190425 was discovered to contain a command injection vulnerability via the filename parameter in /setting/CloudACMunualUpdate.	N600r_firmware	9.8
2022-05-10	CVE-2022-28912	TOTOLink N600R V5.3c.7159_B20190425 was discovered to contain a command injection vulnerability via the filename parameter in /setting/setUpgradeFW.	N600r_firmware	9.8
2022-05-10	CVE-2022-28913	TOTOLink N600R V5.3c.7159_B20190425 was discovered to contain a command injection vulnerability via the filename parameter in /setting/setUploadSetting.	N600r_firmware	9.8
2022-08-29	CVE-2022-36613	TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a hardcoded password for root at /etc/shadow.sample.	N600r_firmware	7.8
2022-05-10	CVE-2022-29391	TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the comment parameter in the function FUN_004200c8.	N600r_firmware	9.8
2022-05-10	CVE-2022-29392	TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the comment parameter in the function FUN_00418c24.	N600r_firmware	9.8
2022-05-10	CVE-2022-29393	TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the comment parameter in the function FUN_004192cc.	N600r_firmware	9.8