Totolink N100re_firmware

5 CVEs affecting Totolink N100re_firmware. Latest disclosed: 2022-05-02. Critical: 1, High: 3.

Top CVEs affecting Totolink N100re_firmware
CVESeverityScorePublishedSummary
CVE-2019-19825Critical9.82020-01-27On certain TOTOLINK Realtek SDK based routers, the CAPTCHA text can be retrieved via an {"topicurl":"setting/getSanvas"} POST to the boafrm/formLogin URI, lead…
CVE-2019-19824High8.82020-01-27On certain TOTOLINK Realtek SDK based routers, an authenticated attacker may execute arbitrary OS commands via the sysCmd parameter to the boafrm/formSysCmd UR…
CVE-2019-19823High7.52020-01-27A certain router administration interface (that includes Realtek APMIB 0.11f for Boa 0.94.14rc21) stores cleartext administrative passwords in flash memory and…
CVE-2019-19822High7.52020-01-27A certain router administration interface (that includes Realtek APMIB 0.11f for Boa 0.94.14rc21) allows remote attackers to retrieve the configuration, includ…
CVE-2020-23617Medium6.12022-05-02A cross site scripting (XSS) vulnerability in the error page of Totolink N200RE and N100RE Routers 2.0 allows attackers to execute arbitrary web scripts or HTM…