Totolink Cp450_firmware
19 CVEs affecting Totolink Cp450_firmware. Latest disclosed: 2024-08-05. Critical: 4, High: 11.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-7332 | Critical | 9.8 | 2024-08-01 | A vulnerability was found in TOTOLINK CP450 4.1.0cu.747_B20191224. It has been classified as critical. This affects an unknown part of the file /web_cste/cgi-b… |
CVE-2024-34213 | Critical | 9.8 | 2024-05-14 | TOTOLINK CP450 v4.1.0cu.747_B20191224 was discovered to contain a stack buffer overflow vulnerability in the SetPortForwardRules function. |
CVE-2024-34209 | Critical | 9.8 | 2024-05-14 | TOTOLINK CP450 v4.1.0cu.747_B20191224 was discovered to contain a stack buffer overflow vulnerability in the setIpPortFilterRules function. |
CVE-2024-34204 | Critical | 9.8 | 2024-05-14 | TOTOLINK outdoor CPE CP450 v4.1.0cu.747_B20191224 was discovered to contain a command injection vulnerability in the setUpgradeFW function via the FileName par… |
CVE-2024-7465 | High | 8.8 | 2024-08-05 | A vulnerability, which was classified as critical, was found in TOTOLINK CP450 4.1.0cu.747_B20191224. Affected is the function loginauth of the file /cgi-bin/c… |
CVE-2024-34211 | High | 8.8 | 2024-05-14 | TOTOLINK CP450 v4.1.0cu.747_B20191224 was discovered to contain a hardcoded password vulnerability in /etc/shadow.sample, which allows attackers to log in as r… |
CVE-2024-34207 | High | 8.8 | 2024-05-14 | TOTOLINK CP450 v4.1.0cu.747_B20191224 was discovered to contain a stack buffer overflow vulnerability in the setStaticDhcpConfig function. |
CVE-2024-34200 | High | 8.8 | 2024-05-14 | TOTOLINK CPE CP450 v4.1.0cu.747_B20191224 was discovered to contain a stack buffer overflow vulnerability in the setIpQosRules function. |
CVE-2024-34219 | High | 8.6 | 2024-05-14 | TOTOLINK CP450 V4.1.0cu.747_B20191224 was discovered to contain a vulnerability in the SetTelnetCfg function, which allows attackers to log in through telnet. |
CVE-2024-34217 | High | 7.7 | 2024-05-14 | TOTOLINK CP450 v4.1.0cu.747_B20191224 was discovered to contain a stack buffer overflow vulnerability in the addWlProfileClientMode function. |
CVE-2024-34215 | High | 7.3 | 2024-05-14 | TOTOLINK CP450 v4.1.0cu.747_B20191224 was discovered to contain a stack buffer overflow vulnerability in the setUrlFilterRules function. |
CVE-2024-34212 | High | 7.3 | 2024-05-14 | TOTOLINK CP450 v4.1.0cu.747_B20191224 was discovered to contain a stack buffer overflow vulnerability in the CloudACMunualUpdate function. |
CVE-2024-34210 | High | 7.3 | 2024-05-14 | TOTOLINK outdoor CPE CP450 v4.1.0cu.747_B20191224 was discovered to contain a command injection vulnerability in the CloudACMunualUpdate function via the FileN… |
CVE-2024-34205 | High | 7.3 | 2024-05-14 | TOTOLINK CP450 v4.1.0cu.747_B20191224 was discovered to contain a command injection vulnerability in the download_firmware function. |
CVE-2024-34201 | High | 7.3 | 2024-05-14 | TOTOLINK CP450 v4.1.0cu.747_B20191224 was discovered to contain a stack buffer overflow vulnerability in the getSaveConfig function. |
CVE-2024-34206 | Medium | 6.5 | 2024-05-14 | TOTOLINK outdoor CPE CP450 v4.1.0cu.747_B20191224 was discovered to contain a command injection vulnerability in the setWebWlanIdx function via the webWlanIdx… |
CVE-2024-34202 | Medium | 6.5 | 2024-05-14 | TOTOLINK CP450 v4.1.0cu.747_B20191224 was discovered to contain a stack buffer overflow vulnerability in the setMacFilterRules function. |
CVE-2024-34218 | Low | 3.8 | 2024-05-14 | TOTOLINK outdoor CPE CP450 v4.1.0cu.747_B20191224 was discovered to contain a command injection vulnerability in the NTPSyncWithHost function via the hostTime… |
CVE-2024-34203 | Low | 3.8 | 2024-05-14 | TOTOLINK CP450 v4.1.0cu.747_B20191224 was discovered to contain a stack buffer overflow vulnerability in the setLanguageCfg function. |