cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2022-40475,https://securityvulnerability.io/vulnerability/CVE-2022-40475,Command Injection Vulnerability in TOTOLINK A860R Router,"The TOTOLINK A860R router is susceptible to a command injection vulnerability through the /cgi-bin/downloadFile.cgi component. This flaw enables an attacker to execute arbitrary commands on the system, leading to potential unauthorized access and compromise of sensitive data and system integrity.",Totolink,A860r Firmware,9.8,CRITICAL,0.03627999871969223,false,,false,false,false,,,false,false,,2022-09-29T11:37:10.000Z,0
CVE-2022-37842,https://securityvulnerability.io/vulnerability/CVE-2022-37842,Buffer Overflow Vulnerability in TOTOLINK A860R Router,"The TOTOLINK A860R router has a significant vulnerability stemming from improper handling of parameters within the infostat.cgi file. This flaw allows an attacker to exploit the buffer overflow, potentially leading to unauthorized access and manipulation of the device. Such vulnerabilities pose serious threats, especially in IoT devices, where secure configurations are paramount. Users of the affected version are advised to apply security updates or mitigate the issue as soon as possible.",Totolink,A860r Firmware,9.8,CRITICAL,0.001560000004246831,false,,false,false,false,,,false,false,,2022-09-06T16:43:02.000Z,0
CVE-2022-37840,https://securityvulnerability.io/vulnerability/CVE-2022-37840,Buffer Overflow Vulnerability in TOTOLINK A860R by TOTOLINK,"The TOTOLINK A860R router contains a buffer overflow vulnerability in its main function within downloadfile.cgi. This flaw can allow an attacker to exploit the affected firmware version, potentially leading to unauthorized access and manipulation of system resources. Vigilance is required from users of the device to mitigate potential security risks associated with this vulnerability.",Totolink,A860r Firmware,9.8,CRITICAL,0.001560000004246831,false,,false,false,false,,,false,false,,2022-09-06T16:40:44.000Z,0
CVE-2022-37841,https://securityvulnerability.io/vulnerability/CVE-2022-37841,Hard Coded Password Vulnerability in TOTOLINK Router,"The TOTOLINK A860R router, specifically version V4.1.2cu.5182_B20201027, contains a serious security issue where a hard coded password for the root user is stored in the /etc/shadow.sample file. This vulnerability allows unauthorized access to the router, significantly compromising the security of the device and the network it supports. Malicious actors can exploit this weakness to gain control over the device, potentially leading to further attacks on connected systems.",Totolink,A860r Firmware,7.5,HIGH,0.0011399999493733048,false,,false,false,false,,,false,false,,2022-09-06T16:39:42.000Z,0
CVE-2022-37839,https://securityvulnerability.io/vulnerability/CVE-2022-37839,Buffer Overflow Vulnerability in TOTOLINK A860R by TOTOLINK,"The TOTOLINK A860R router is subject to a buffer overflow vulnerability that can be exploited via the Cstecgi.cgi component. This allows potential attackers to manipulate memory, potentially leading to unauthorized access or arbitrary code execution. Users of the affected firmware version should take immediate precautions to secure their devices.",Totolink,A860r Firmware,9.8,CRITICAL,0.001560000004246831,false,,false,false,false,,,false,false,,2022-09-06T16:37:10.000Z,0
CVE-2022-37843,https://securityvulnerability.io/vulnerability/CVE-2022-37843,Command Injection Vulnerability in TOTOLINK A860R Router,"A command injection vulnerability exists in the TOTOLINK A860R router, specifically in the cstecgi.cgi file. This vulnerability allows attackers to execute arbitrary commands on the system by providing unauthorized parameters, which are executed without proper filtering or validation. This flaw poses a significant risk, enabling unauthorized access to the router's operating environment, which could lead to further exploits or compromise of the network.",Totolink,A860r Firmware,9.8,CRITICAL,0.013290000148117542,false,,false,false,false,,,false,false,,2022-09-06T16:34:56.000Z,0
CVE-2022-36614,https://securityvulnerability.io/vulnerability/CVE-2022-36614,Hardcoded Password Vulnerability in TOTOLINK A860R Router,"The TOTOLINK A860R contains a hardcoded password for the root user located in /etc/shadow.sample, which could allow unauthorized access to the device, enabling attackers to execute arbitrary commands and potentially compromise network security. This vulnerability highlights the importance of secure password management in network devices.",Totolink,A860r Firmware,7.8,HIGH,0.0011399999493733048,false,,false,false,false,,,false,false,,2022-08-29T00:15:00.000Z,0
CVE-2022-25083,https://securityvulnerability.io/vulnerability/CVE-2022-25083,Command Injection Vulnerability in TOTOLink A860R Router,"The TOTOLink A860R router has been identified to possess a command injection vulnerability within the 'Main' function. This susceptibility allows malicious actors to exploit the device by executing arbitrary commands, primarily through manipulation of the QUERY_STRING parameter. This type of vulnerability poses significant risks, as it could enable attackers to gain unauthorized access and control over the affected device, leading to potential data breaches and network security compromises.",Totolink,A860r Firmware,9.8,CRITICAL,0.00546000013127923,false,,false,false,false,,,false,false,,2022-02-24T15:15:00.000Z,0