cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2023-23064,https://securityvulnerability.io/vulnerability/CVE-2023-23064,Incorrect Access Control Vulnerability in TOTOLINK A720R Router,"The TOTOLINK A720R router, specifically the V4.1.5cu.532_B20210610 version, has been identified to contain an incorrect access control vulnerability. This flaw allows unauthorized users to gain access to restricted areas of the system, potentially compromising sensitive information and network configurations. Users of the affected model should implement appropriate security measures to mitigate the risk associated with this vulnerability.",Totolink,A720r Firmware,9.8,CRITICAL,0.0071299998089671135,false,,false,false,false,,,false,false,,2023-02-17T00:00:00.000Z,0
CVE-2022-38535,https://securityvulnerability.io/vulnerability/CVE-2022-38535,Remote Code Execution Vulnerability in TOTOLINK Router,"The TOTOLINK 720R router version 4.1.5cu.374 has been identified with a remote code execution vulnerability. This issue arises through the setTracerouteCfg function, allowing potential attackers to execute arbitrary code on the device, which could compromise user data and network integrity. It's essential for users to update their devices and implement security measures to mitigate risks associated with this vulnerability.",Totolink,A720r Firmware,7.2,HIGH,0.003389999968931079,false,,false,false,false,,,false,false,,2022-09-15T17:58:20.000Z,0
CVE-2022-38534,https://securityvulnerability.io/vulnerability/CVE-2022-38534,Remote Code Execution Vulnerability in TOTOLINK-720R Router,"TOTOLINK-720R version 4.1.5cu.374 has a vulnerability that can be exploited to execute arbitrary code remotely through the setdiagnosicfg function. This issue poses significant risks to users as attackers can potentially gain unauthorized access, compromising the integrity and confidentiality of the device. Ensuring immediate remediation and applying security updates is essential to safeguard against potential exploits.",Totolink,A720r Firmware,7.2,HIGH,0.003389999968931079,false,,false,false,false,,,false,false,,2022-09-15T17:58:19.000Z,0
CVE-2022-36610,https://securityvulnerability.io/vulnerability/CVE-2022-36610,Hardcoded Password Vulnerability in TOTOLINK Router Products,"The TOTOLINK A720R router version V4.1.5cu.532_B20210610 has been found to include a hardcoded root password located in a sample shadow file. This security flaw can potentially allow unauthorized access to the device, compromising network security and exposing users to various cyber threats.",Totolink,A720r Firmware,7.8,HIGH,0.0011399999493733048,false,,false,false,false,,,false,false,,2022-08-29T00:15:00.000Z,0
CVE-2022-36456,https://securityvulnerability.io/vulnerability/CVE-2022-36456,Command Injection Vulnerability in TOTOLink A720R Routers,"A command injection vulnerability has been identified in the TOTOLink A720R router, specifically in version V4.1.5cu.532_B20210610. This vulnerability arises from improper handling of the username parameter in the /cstecgi.cgi script, allowing an attacker to execute arbitrary commands on the device. Exploiting this vulnerability could lead to unauthorized access and control over the affected router, posing significant risks for network security.",Totolink,A720r Firmware,7.8,HIGH,0.0010999999940395355,false,,false,false,false,,,false,false,,2022-08-25T13:53:25.000Z,0
CVE-2021-44246,https://securityvulnerability.io/vulnerability/CVE-2021-44246,"Stack Overflow in Totolink A3100R, A830R, and A720R Devices","Totolink devices including A3100R, A830R, and A720R exhibit a vulnerability that leads to a stack overflow in the setNoticeCfg function. This flaw can be exploited through the IpTo parameter, enabling attackers to instigate a Denial of Service (DoS) condition. Addressing this vulnerability is critical to maintaining the operational integrity and security of affected devices.",Totolink,A720r Firmware,7.5,HIGH,0.0008699999889358878,false,,false,false,false,,,false,false,,2022-02-04T01:34:03.000Z,0
CVE-2021-44247,https://securityvulnerability.io/vulnerability/CVE-2021-44247,Command Injection Vulnerability in Totolink Router Models,"Certain Totolink router models, specifically A3100R, A830R, and A720R, exhibit a command injection flaw in the setNoticeCfg function. This vulnerability allows attackers to exploit the IpFrom parameter, potentially executing arbitrary commands on the affected devices. This can lead to unauthorized access and compromise the integrity of the network, highlighting the need for timely patching and robust security practices to safeguard against such vulnerabilities.",Totolink,A720r Firmware,9.8,CRITICAL,0.008410000242292881,false,,false,false,false,,,false,false,,2022-02-04T01:34:03.000Z,0
CVE-2021-45737,https://securityvulnerability.io/vulnerability/CVE-2021-45737,Stack Overflow Vulnerability in TOTOLINK A720R Router,"The TOTOLINK A720R router version 4.1.5cu.470_B20200911 is vulnerable to a stack overflow in the Form_Login function, which can be exploited through manipulation of the Host parameter. This exploitation could lead to a Denial of Service (DoS), affecting the functionality and availability of the device. It is crucial for users and administrators of this router to be aware of this vulnerability and take appropriate mitigation measures.",Totolink,A720r Firmware,7.5,HIGH,0.0008699999889358878,false,,false,false,false,,,false,false,,2022-02-04T01:33:54.000Z,0
CVE-2021-45739,https://securityvulnerability.io/vulnerability/CVE-2021-45739,Stack Overflow Vulnerability in TOTOLINK A720R Product,"A stack overflow vulnerability has been identified in the Form_Login function of the TOTOLINK A720R router. This weakness can be exploited by attackers to trigger a Denial of Service (DoS) condition through manipulation of the flag parameter, potentially rendering the device inoperable and disrupting network services.",Totolink,A720r Firmware,7.5,HIGH,0.0008699999889358878,false,,false,false,false,,,false,false,,2022-02-04T01:33:53.000Z,0
CVE-2021-45740,https://securityvulnerability.io/vulnerability/CVE-2021-45740,Stack Overflow Vulnerability in TOTOLINK A720R Router,"The TOTOLINK A720R router is vulnerable to a stack overflow in the setWiFiWpsStart function, triggered by the pin parameter. This flaw allows remote attackers to exploit the vulnerability, potentially leading to a Denial of Service (DoS) condition, in which the system becomes unresponsive, disrupting normal network operations.",Totolink,A720r Firmware,9.8,CRITICAL,0.0026100000832229853,false,,false,false,false,,,false,false,,2022-02-04T01:33:52.000Z,0
CVE-2021-45742,https://securityvulnerability.io/vulnerability/CVE-2021-45742,Command Injection Vulnerability in TOTOLINK A720R Router,"The TOTOLINK A720R router version v4.1.5cu.470_B20200911 is impacted by a command injection flaw within its 'Main' function. This issue enables remote attackers to execute arbitrary commands on the device by manipulating the QUERY_STRING parameter. Exploitation of this vulnerability could lead to unauthorized access and control over the affected router, highlighting the need for prompt remediation to safeguard network integrity.",Totolink,A720r Firmware,9.8,CRITICAL,0.008410000242292881,false,,false,false,false,,,false,false,,2022-02-04T01:33:51.000Z,0
CVE-2021-35325,https://securityvulnerability.io/vulnerability/CVE-2021-35325,Denial of Service Vulnerability in TOTOLINK A720R Router Firmware,"A stack overflow vulnerability exists within the checkLoginUser function of the TOTOLINK A720R router firmware. This flaw allows an attacker to exploit the vulnerability, potentially leading to a denial of service (DoS). When triggered, the attack can disrupt the normal operation of the router, impacting users' connectivity and overall network stability.",Totolink,A720r Firmware,7.5,HIGH,0.001180000021122396,false,,false,false,false,,,false,false,,2021-08-05T20:39:19.000Z,0
CVE-2021-35327,https://securityvulnerability.io/vulnerability/CVE-2021-35327,Telnet Service Exploit in TOTOLINK Router Firmware,"A vulnerability exists in the TOTOLINK A720R router firmware that allows attackers to enable the Telnet service and access it using default credentials. This is achieved through a specially crafted POST request, posing a significant security risk to network integrity and data confidentiality.",Totolink,A720r Firmware,9.8,CRITICAL,0.01737000048160553,false,,false,false,false,,,false,false,,2021-08-05T20:39:17.000Z,0
CVE-2021-35326,https://securityvulnerability.io/vulnerability/CVE-2021-35326,Configuration File Download Vulnerability in TOTOLINK A720R Router,"A security flaw in the TOTOLINK A720R router allows attackers to exploit a vulnerability by sending a specially crafted HTTP request. This enables unauthorized users to download the router's configuration file, potentially exposing sensitive information stored within. Proper safeguards and firmware updates are essential to mitigate such risks and protect network integrity.",Totolink,A720r Firmware,7.5,HIGH,0.009449999779462814,false,,false,false,false,,,false,false,,2021-08-05T20:39:16.000Z,0
CVE-2021-35324,https://securityvulnerability.io/vulnerability/CVE-2021-35324,Authentication Bypass Vulnerability in TOTOLINK A720R Router,"A vulnerability exists in the Form_Login function of the TOTOLINK A720R router that enables attackers to bypass authentication measures. This flaw could potentially allow unauthorized users to gain access to sensitive router settings and configurations, posing significant risks to network security. It is crucial for users of the affected firmware version to implement necessary updates or patches to mitigate such risks effectively.",Totolink,A720r Firmware,9.8,CRITICAL,0.0106800002977252,false,,false,false,false,,,false,false,,2021-08-05T20:39:11.000Z,0