TOTOLink A3600R V4.1.2cu.5182_B20201102 was discovered to contain a command injection vulnerability in the "Main" function. This vulnerability allows attackers to execute arbitrary commands via the QUERY_STRING parameter.
Totolink A3600R V4.1.2cu.5182_B20201102 was discovered to contain a stacker overflow in the fread function at infostat.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via the parameter CONTENT_LENGTH.
7.5CVSS
7.5AI Score
0.001EPSS
Totolink A3600R_Firmware V4.1.2cu.5182_B20201102 contains a hard code password for root in /etc/shadow.sample.
9.8CVSS
9.6AI Score
0.018EPSS
TOTOLink A3600R V4.1.2cu.5182_B20201102 was discovered to contain a command injection vulnerability via the username parameter in /cstecgi.cgi.
7.8CVSS
7.8AI Score
0.002EPSS
A vulnerability was found in TOTOLINK A3600R 4.1.2cu.5182_B20201102. It has been rated as critical. This issue affects some unknown processing of the file /web_cste/cgi-bin/product.ini of the component Telnet Service. The manipulation leads to use of hard-coded password. The exploit has been disclo...
8.8CVSS
5.5AI Score
0.0005EPSS
A vulnerability classified as critical has been found in TOTOLINK A3600R 4.1.2cu.5182_B20201102. Affected is the function NTPSyncWithHost of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument hostTime leads to os command injection. It is possible to launch the attack remotely. The expl...
8.8CVSS
7AI Score
0.001EPSS
A vulnerability classified as critical was found in TOTOLINK A3600R 4.1.2cu.5182_B20201102. Affected by this vulnerability is the function getSaveConfig of the file /cgi-bin/cstecgi.cgi?action=save&setting. The manipulation of the argument http_host leads to buffer overflow. The attack can be launc...
8.8CVSS
8.9AI Score
0.001EPSS
A vulnerability, which was classified as critical, has been found in TOTOLINK A3600R 4.1.2cu.5182_B20201102. Affected by this issue is the function loginauth of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument password/http_host leads to buffer overflow. The attack may be launched re...
8.8CVSS
8.8AI Score
0.001EPSS
A vulnerability, which was classified as critical, was found in TOTOLINK A3600R 4.1.2cu.5182_B20201102. This affects the function setdeviceName of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument deviceMac/deviceName leads to buffer overflow. It is possible to initiate the attack rem...
8.8CVSS
8.8AI Score
0.001EPSS
A vulnerability has been found in TOTOLINK A3600R 4.1.2cu.5182_B20201102 and classified as critical. This vulnerability affects the function setDiagnosisCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument ipDoamin leads to os command injection. The attack can be initiated remotel...
8.8CVSS
6.9AI Score
0.001EPSS
A vulnerability was found in TOTOLINK A3600R 4.1.2cu.5182_B20201102 and classified as critical. This issue affects the function setIpQosRules of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument comment leads to buffer overflow. The attack may be initiated remotely. The exploit has be...
8.8CVSS
8.9AI Score
0.001EPSS
A vulnerability was found in TOTOLINK A3600R 4.1.2cu.5182_B20201102. It has been classified as critical. Affected is the function setLanguageCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument langType leads to buffer overflow. It is possible to launch the attack remotely. The ex...
8.8CVSS
8.9AI Score
0.001EPSS
A vulnerability was found in TOTOLINK A3600R 4.1.2cu.5182_B20201102. It has been declared as critical. Affected by this vulnerability is the function setMacQos of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument priority/macAddress leads to buffer overflow. The attack can be launched...
8.8CVSS
8.9AI Score
0.001EPSS
A vulnerability was found in TOTOLINK A3600R 4.1.2cu.5182_B20201102. It has been rated as critical. Affected by this issue is the function setParentalRules of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument startTime/endTime leads to buffer overflow. The attack may be launched remot...
8.8CVSS
8.8AI Score
0.001EPSS
A vulnerability classified as critical has been found in TOTOLINK A3600R 4.1.2cu.5182_B20201102. This affects the function setPortForwardRules of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument comment leads to buffer overflow. It is possible to initiate the attack remotely. The exp...
8.8CVSS
8.9AI Score
0.001EPSS
A vulnerability classified as critical was found in TOTOLINK A3600R 4.1.2cu.5182_B20201102. This vulnerability affects the function setTelnetCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument telnet_enabled leads to command injection. The attack can be initiated remotely. The ex...
8.8CVSS
6.9AI Score
0.001EPSS
A vulnerability, which was classified as critical, has been found in TOTOLINK A3600R 4.1.2cu.5182_B20201102. This issue affects the function setUpgradeFW of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument FileName leads to buffer overflow. The attack may be initiated remotely. The e...
8.8CVSS
8.9AI Score
0.001EPSS
A vulnerability, which was classified as critical, was found in TOTOLINK A3600R 4.1.2cu.5182_B20201102. Affected is the function setUploadSetting of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument FileName leads to buffer overflow. It is possible to launch the attack remotely. The e...
8.8CVSS
7AI Score
0.001EPSS
A vulnerability has been found in TOTOLINK A3600R 4.1.2cu.5182_B20201102 and classified as critical. Affected by this vulnerability is the function setUrlFilterRules of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument url leads to buffer overflow. The attack can be launched remotely....
8.8CVSS
7AI Score
0.001EPSS
A vulnerability was found in TOTOLINK A3600R 4.1.2cu.5182_B20201102 and classified as critical. Affected by this issue is the function setWebWlanIdx of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument webWlanIdx leads to buffer overflow. The attack may be launched remotely. The explo...
8.8CVSS
8.8AI Score
0.001EPSS
A vulnerability was found in TOTOLINK A3600R 4.1.2cu.5182_B20201102. It has been classified as critical. This affects the function setWiFiAclAddConfig of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument comment leads to buffer overflow. It is possible to initiate the attack remotely....
8.8CVSS
8.8AI Score
0.001EPSS
A vulnerability was found in TOTOLINK A3600R 4.1.2cu.5182_B20201102. It has been declared as critical. This vulnerability affects the function UploadCustomModule of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument File leads to buffer overflow. The attack can be initiated remotely. T...
8.8CVSS
8.8AI Score
0.001EPSS