Totolink A7100ru_firmware

37 CVEs affecting Totolink A7100ru_firmware. Latest disclosed: 2025-07-21. Critical: 37, High: 0.

Top CVEs affecting Totolink A7100ru_firmware
CVESeverityScorePublishedSummary
CVE-2025-44655Critical9.82025-07-21In TOTOLink A7100RU V7.4, A950RG V5.9, and T10 V5.9, the chroot_local_user option is enabled in the vsftpd.conf. This could lead to unauthorized access to syst…
CVE-2023-7095Critical9.82023-12-25A vulnerability, which was classified as critical, has been found in Totolink A7100RU 7.4cu.2313_B20191024. Affected by this issue is the function main of the…
CVE-2023-6906Critical9.82023-12-18A vulnerability, which was classified as critical, was found in Totolink A7100RU 7.4cu.2313_B20191024. Affected is the function main of the file /cgi-bin/cstec…
CVE-2023-33556Critical9.82023-06-07TOTOLink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the staticGw parameter at /setting/setWanIeCfg.
CVE-2023-30054Critical9.82023-05-05TOTOLINK A7100RU V7.4cu.2313_B20191024 has a Command Injection vulnerability. An attacker can obtain a stable root shell through a specially constructed payloa…
CVE-2023-30053Critical9.82023-05-05TOTOLINK A7100RU V7.4cu.2313_B20191024 is vulnerable to Command Injection.
CVE-2023-26978Critical9.82023-04-07TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the pppoeAcName parameter at /setting/setWanIeCfg.
CVE-2023-26848Critical9.82023-04-07TOTOlink A7100RU(V7.4cu.2313_B20191024) was discovered to contain a command injection vulnerability via the org parameter at setting/delStaticDhcpRules.
CVE-2023-27232Critical9.82023-03-28TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the wanStrategy parameter at /setting/setWanIeCfg.
CVE-2023-27231Critical9.82023-03-28TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the downBw parameter at /setting/setWanIeCfg.
CVE-2023-27229Critical9.82023-03-28TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the upBw parameter at /setting/setWanIeCfg.
CVE-2023-27135Critical9.82023-03-23TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the enabled parameter at /setting/setWanIeCfg.
CVE-2023-25395Critical9.82023-03-08TOTOlink A7100RU V7.4cu.2313_B20191024 router was discovered to contain a command injection vulnerability via the ou parameter at /setting/delStaticDhcpRules.
CVE-2023-24184Critical9.82023-02-21TOTOLink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability.
CVE-2023-24238Critical9.82023-02-16TOTOlink A7100RU(V7.4cu.2313_B20191024) was discovered to contain a command injection vulnerability via the city parameter at setting/delStaticDhcpRules.
CVE-2023-24236Critical9.82023-02-16TOTOlink A7100RU(V7.4cu.2313_B20191024) was discovered to contain a command injection vulnerability via the province parameter at setting/delStaticDhcpRules.
CVE-2023-24276Critical9.82023-02-06TOTOlink A7100RU(V7.4cu.2313_B20191024) was discovered to contain a command injection vulnerability via the country parameter at setting/delStaticDhcpRules.
CVE-2022-48126Critical9.82023-01-20TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the username parameter in the setting/setOpenVpnCertGene…
CVE-2022-48125Critical9.82023-01-20TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the password parameter in the setting/setOpenVpnCertGene…
CVE-2022-48124Critical9.82023-01-20TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the FileName parameter in the setting/setOpenVpnCertGene…