cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-42543,https://securityvulnerability.io/vulnerability/CVE-2024-42543,Buffer Overflow Vulnerability in TOTOLINK A3700R Product,"The TOTOLINK A3700R version 9.1.2u.5822_B20200513 is subject to a buffer overflow vulnerability in the loginauth function, specifically related to the http_host parameter. This vulnerability may allow an attacker to exploit memory allocation issues, potentially leading to unauthorized access or disruption of service. It's essential for users and administrators of the TOTOLINK A3700R to apply security measures and updates to mitigate risks associated with this vulnerability.",Totolink,A3700r Firmware,9.8,CRITICAL,0.01269999984651804,false,false,false,false,,false,false,2024-08-12T18:15:00.000Z,0
CVE-2024-42545,https://securityvulnerability.io/vulnerability/CVE-2024-42545,Buffer Overflow Vulnerability in TOTOLINK A3700R Router Product by TOTOLINK,"The TOTOLINK A3700R v9.1.2u.5822_B20200513 is impacted by a buffer overflow vulnerability in the ssid parameter of the setWizardCfg function. This security flaw can be exploited by an attacker to cause unexpected behaviors, potentially leading to unauthorized access or denial of service. This highlights the importance of robust security practices and timely updates to safeguard affected devices from potential exploitations.",Totolink,A3700r Firmware,9.8,CRITICAL,0.01269999984651804,false,false,false,false,,false,false,2024-08-12T18:15:00.000Z,0
CVE-2024-37635,https://securityvulnerability.io/vulnerability/CVE-2024-37635,Stack Overflow Vulnerability in TOTOLINK A3700R Router,"The TOTOLINK A3700R router is susceptible to a stack overflow vulnerability that can be triggered via the 'ssid' parameter in the 'setWiFiBasicCfg' function. This security flaw could potentially allow an attacker to exploit the router, leading to unauthorized access or a denial of service. Proper configuration and timely updates are critical to mitigate associated risks.",Totolink,A3700r Firmware,9.8,CRITICAL,0.06701000034809113,false,false,false,false,,false,false,2024-06-13T00:00:00.000Z,0
CVE-2024-37632,https://securityvulnerability.io/vulnerability/CVE-2024-37632,Stack Overflow Vulnerability in TOTOLINK A3700R by TOTOLINK,"The TOTOLINK A3700R router is reportedly susceptible to a stack overflow vulnerability through the password parameter in the loginAuth function. This flaw may allow an attacker to execute arbitrary code or cause a denial of service. By exploiting this vulnerability, unauthorized users could gain elevated privileges, posing significant security risks to the device and the networks it operates within. Users are encouraged to assess their systems and apply any available patches or updates to mitigate this risk.",Totolink,A3700r Firmware,9.8,CRITICAL,0.06881999969482422,false,false,false,false,,false,false,2024-06-13T00:00:00.000Z,0
CVE-2024-22662,https://securityvulnerability.io/vulnerability/CVE-2024-22662,Stack Overflow Vulnerability in TOTOLINK Router Products,"A stack overflow vulnerability exists in the TOTOLINK A3700R router, specifically concerning the 'setParentalRules' function. This weakness could allow an attacker to exploit memory management issues within the device, potentially leading to unauthorized access or control over the router's functionalities. Users of affected versions should prioritize their security by applying relevant patches and scrutinizing configurations to mitigate risks associated with this vulnerability.",Totolink,A3700r Firmware,9.8,CRITICAL,0.0013000000035390258,false,false,false,false,,false,false,2024-01-23T00:00:00.000Z,0
CVE-2024-22663,https://securityvulnerability.io/vulnerability/CVE-2024-22663,Command Injection Vulnerability in TOTOLINK A3700R Router,"The TOTOLINK A3700R router version V9.1.2u.6165_20211012 is exposed to a command injection vulnerability through the 'setOpModeCfg' function. This weakness allows an attacker to execute arbitrary commands on the device, which could lead to unauthorized access, data manipulation, or further network exploitation. It is essential for users to apply the necessary updates and implement security measures to mitigate potential threats arising from this vulnerability.",Totolink,A3700r Firmware,9.8,CRITICAL,0.668690025806427,false,false,false,false,,false,false,2024-01-23T00:00:00.000Z,0
CVE-2024-22660,https://securityvulnerability.io/vulnerability/CVE-2024-22660,Stack Overflow Vulnerability in TOTOLINK A3700R Products,"The TOTOLINK A3700R is affected by a stack overflow vulnerability through the setLanguageCfg function. This vulnerability allows an attacker to exploit the system's memory allocation by sending specially crafted input, potentially leading to remote code execution and manipulation of the device. This poses a significant risk for users relying on the security of their IoT devices, as unauthorized access can compromise device functionality and data integrity.",Totolink,A3700r Firmware,9.8,CRITICAL,0.0013000000035390258,false,false,false,false,,false,false,2024-01-23T00:00:00.000Z,0
CVE-2023-48192,https://securityvulnerability.io/vulnerability/CVE-2023-48192,,An issue in TOTOlink A3700R v.9.1.2u.6134_B20201202 allows a local attacker to execute arbitrary code via the setTracerouteCfg function.,Totolink,A3700r Firmware,7.8,HIGH,0.0008500000112690032,false,false,false,false,,false,false,2023-11-20T00:00:00.000Z,0
CVE-2023-46574,https://securityvulnerability.io/vulnerability/CVE-2023-46574,Remote Code Execution Vulnerability in TOTOLINK A3700R Router,"A security flaw exists in the TOTOLINK A3700R router that enables remote attackers to execute arbitrary code. This vulnerability can be exploited via the FileName parameter of the UploadFirmwareFile function, posing significant risks to device integrity and user data.",Totolink,A3700r Firmware,9.8,CRITICAL,0.1080000028014183,false,false,false,false,,false,false,2023-10-25T18:17:00.000Z,0
CVE-2023-43141,https://securityvulnerability.io/vulnerability/CVE-2023-43141,,TOTOLINK A3700R V9.1.2u.6134_B20201202 and N600R V5.3c.5137 are vulnerable to Incorrect Access Control.,Totolink,A3700r Firmware,9.8,CRITICAL,0.013869999907910824,false,false,false,false,,false,false,2023-09-25T00:00:00.000Z,0
CVE-2022-36466,https://securityvulnerability.io/vulnerability/CVE-2022-36466,,TOTOLINK A3700R V9.1.2u.6134_B20201202 was discovered to contain a stack overflow via the ip parameter in the function setDiagnosisCfg.,Totolink,A3700r Firmware,7.8,HIGH,0.0004799999878741801,false,false,false,false,,false,false,2022-08-25T13:53:41.000Z,0
CVE-2022-36465,https://securityvulnerability.io/vulnerability/CVE-2022-36465,,TOTOLINK A3700R V9.1.2u.6134_B20201202 was discovered to contain a stack overflow via the pppoeUser parameter.,Totolink,A3700r Firmware,7.8,HIGH,0.0004799999878741801,false,false,false,false,,false,false,2022-08-25T13:53:37.000Z,0
CVE-2022-36464,https://securityvulnerability.io/vulnerability/CVE-2022-36464,,TOTOLINK A3700R V9.1.2u.6134_B20201202 was discovered to contain a stack overflow via the sPort parameter in the function setIpPortFilterRules.,Totolink,A3700r Firmware,7.8,HIGH,0.0004799999878741801,false,false,false,false,,false,false,2022-08-25T13:53:31.000Z,0
CVE-2022-36463,https://securityvulnerability.io/vulnerability/CVE-2022-36463,,TOTOLINK A3700R V9.1.2u.6134_B20201202 was discovered to contain a stack overflow via the command parameter in the function setTracerouteCfg.,Totolink,A3700r Firmware,7.8,HIGH,0.0004799999878741801,false,false,false,false,,false,false,2022-08-25T13:53:30.000Z,0
CVE-2022-36462,https://securityvulnerability.io/vulnerability/CVE-2022-36462,,TOTOLINK A3700R V9.1.2u.6134_B20201202 was discovered to contain a stack overflow via the lang parameter in the function setLanguageCfg.,Totolink,A3700r Firmware,7.8,HIGH,0.0004799999878741801,false,false,false,false,,false,false,2022-08-25T13:53:29.000Z,0
CVE-2022-36461,https://securityvulnerability.io/vulnerability/CVE-2022-36461,,TOTOLINK A3700R V9.1.2u.6134_B20201202 was discovered to contain a command injection vulnerability via the hostName parameter in the function setOpModeCfg.,Totolink,A3700r Firmware,7.8,HIGH,0.0010999999940395355,false,false,false,false,,false,false,2022-08-25T13:53:28.000Z,0
CVE-2022-36459,https://securityvulnerability.io/vulnerability/CVE-2022-36459,,TOTOLINK A3700R V9.1.2u.6134_B20201202 was discovered to contain a command injection vulnerability via the host_time parameter in the function NTPSyncWithHost.,Totolink,A3700r Firmware,7.8,HIGH,0.0010999999940395355,false,false,false,false,,false,false,2022-08-25T13:53:27.000Z,0
CVE-2022-36460,https://securityvulnerability.io/vulnerability/CVE-2022-36460,,TOTOLINK A3700R V9.1.2u.6134_B20201202 was discovered to contain a command injection vulnerability via the FileName parameter in the function UploadFirmwareFile.,Totolink,A3700r Firmware,7.8,HIGH,0.0010999999940395355,false,false,false,false,,false,false,2022-08-25T13:53:27.000Z,0
CVE-2022-36458,https://securityvulnerability.io/vulnerability/CVE-2022-36458,,TOTOLINK A3700R V9.1.2u.6134_B20201202 was discovered to contain a command injection vulnerability via the command parameter in the function setTracerouteCfg.,Totolink,A3700r Firmware,7.8,HIGH,0.0010999999940395355,false,false,false,false,,false,false,2022-08-25T13:53:26.000Z,0