Totolink N100re_firmware
5 CVEs affecting Totolink N100re_firmware. Latest disclosed: 2022-05-02. Critical: 1, High: 3.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2019-19825 | Critical | 9.8 | 2020-01-27 | On certain TOTOLINK Realtek SDK based routers, the CAPTCHA text can be retrieved via an {"topicurl":"setting/getSanvas"} POST to the boafrm/formLogin URI, lead… |
CVE-2019-19824 | High | 8.8 | 2020-01-27 | On certain TOTOLINK Realtek SDK based routers, an authenticated attacker may execute arbitrary OS commands via the sysCmd parameter to the boafrm/formSysCmd UR… |
CVE-2019-19823 | High | 7.5 | 2020-01-27 | A certain router administration interface (that includes Realtek APMIB 0.11f for Boa 0.94.14rc21) stores cleartext administrative passwords in flash memory and… |
CVE-2019-19822 | High | 7.5 | 2020-01-27 | A certain router administration interface (that includes Realtek APMIB 0.11f for Boa 0.94.14rc21) allows remote attackers to retrieve the configuration, includ… |
CVE-2020-23617 | Medium | 6.1 | 2022-05-02 | A cross site scripting (XSS) vulnerability in the error page of Totolink N200RE and N100RE Routers 2.0 allows attackers to execute arbitrary web scripts or HTM… |