Skip to main content

A7100Ru Firmware

30 CVEs product

Monthly

CVE-2025-44655 CRITICAL Act Now

Privilege escalation and unauthorized file access affects TOTOLINK A7100RU (V7.4), A950RG (V5.9), and T10 (V5.9) routers because their bundled vsftpd FTP server ships with the chroot_local_user option enabled in vsftpd.conf, an insecure default that can let a local FTP user reach system files and escalate on the device. On these consumer routers the FTP daemon runs with high privilege and weak isolation, so a foothold on the FTP service can be used to read sensitive files, gain elevated access, and pivot into the internal network. There is no CISA KEV listing and no public exploit identified at time of analysis; the only reference is a researcher gist, and EPSS is low at 0.34% (26th percentile).

Privilege Escalation Authentication Bypass A7100Ru Firmware A950rg Firmware T10 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
0.3%
CVE-2023-7095 CRITICAL POC THREAT Act Now

A vulnerability, which was classified as critical, has been found in Totolink A7100RU 7.4cu.2313_B20191024. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow A7100Ru Firmware
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
13.7%
CVE-2023-6906 CRITICAL POC Act Now

A vulnerability, which was classified as critical, was found in Totolink A7100RU 7.4cu.2313_B20191024. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow A7100Ru Firmware
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
1.8%
CVE-2023-33556 CRITICAL POC Act Now

TOTOLink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the staticGw parameter at /setting/setWanIeCfg. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection A7100Ru Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
2.0%
CVE-2023-30054 CRITICAL POC Act Now

TOTOLINK A7100RU V7.4cu.2313_B20191024 has a Command Injection vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection A7100Ru Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
2.1%
CVE-2023-30053 CRITICAL POC Act Now

TOTOLINK A7100RU V7.4cu.2313_B20191024 is vulnerable to Command Injection. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection A7100Ru Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
2.1%
CVE-2023-26978 CRITICAL POC Act Now

TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the pppoeAcName parameter at /setting/setWanIeCfg. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection A7100Ru Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.9%
CVE-2023-26848 CRITICAL POC Act Now

TOTOlink A7100RU(V7.4cu.2313_B20191024) was discovered to contain a command injection vulnerability via the org parameter at setting/delStaticDhcpRules. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection A7100Ru Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.9%
CVE-2023-27232 CRITICAL POC Act Now

TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the wanStrategy parameter at /setting/setWanIeCfg. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection A7100Ru Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.9%
CVE-2023-27231 CRITICAL POC Act Now

TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the downBw parameter at /setting/setWanIeCfg. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection A7100Ru Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
2.0%
CVE-2023-27229 CRITICAL POC Act Now

TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the upBw parameter at /setting/setWanIeCfg. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection A7100Ru Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
2.0%
CVE-2023-27135 CRITICAL POC Act Now

TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the enabled parameter at /setting/setWanIeCfg. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection A7100Ru Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
2.0%
CVE-2023-25395 CRITICAL POC Act Now

TOTOlink A7100RU V7.4cu.2313_B20191024 router was discovered to contain a command injection vulnerability via the ou parameter at /setting/delStaticDhcpRules. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection A7100Ru Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.9%
CVE-2023-24184 CRITICAL Act Now

TOTOLink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Command Injection A7100Ru Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.3%
CVE-2023-24238 CRITICAL POC Act Now

TOTOlink A7100RU(V7.4cu.2313_B20191024) was discovered to contain a command injection vulnerability via the city parameter at setting/delStaticDhcpRules. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection A7100Ru Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.9%
CVE-2023-24236 CRITICAL POC Act Now

TOTOlink A7100RU(V7.4cu.2313_B20191024) was discovered to contain a command injection vulnerability via the province parameter at setting/delStaticDhcpRules. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection A7100Ru Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.9%
CVE-2023-24276 CRITICAL POC Act Now

TOTOlink A7100RU(V7.4cu.2313_B20191024) was discovered to contain a command injection vulnerability via the country parameter at setting/delStaticDhcpRules. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection A7100Ru Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.9%
CVE-2022-46634 CRITICAL POC Act Now

TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the wscDisabled parameter in the setting/setWiFiWpsCfg function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection A7100Ru Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
2.1%
CVE-2022-46631 CRITICAL POC Act Now

TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the wscDisabled parameter in the setting/setWiFiSignalCfg function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection A7100Ru Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
2.1%
CVE-2022-44844 CRITICAL POC Act Now

TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the pass parameter in the setting/setOpenVpnCfg function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection A7100Ru Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
2.0%
CVE-2022-44843 CRITICAL POC Act Now

TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the port parameter in the setting/setOpenVpnClientCfg function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection A7100Ru Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
2.0%
CVE-2022-28584 CRITICAL POC Act Now

It is found that there is a command injection vulnerability in the setWiFiWpsStart interface in TOTOlink A7100RU (v7.4cu.2313_b20191024) router, which allows an attacker to execute arbitrary commands. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection A7100Ru Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
2.9%
CVE-2022-28583 CRITICAL POC Act Now

It is found that there is a command injection vulnerability in the setWiFiWpsCfg interface in TOTOlink A7100RU (v7.4cu.2313_b20191024) router, which allows an attacker to execute arbitrary commands. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection A7100Ru Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
2.9%
CVE-2022-28582 CRITICAL POC Act Now

It is found that there is a command injection vulnerability in the setWiFiSignalCfg interface in TOTOlink A7100RU (v7.4cu.2313_b20191024) router, which allows an attacker to execute arbitrary. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection A7100Ru Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
2.9%
CVE-2022-28581 CRITICAL POC Act Now

It is found that there is a command injection vulnerability in the setWiFiAdvancedCfg interface in TOTOlink A7100RU (v7.4cu.2313_b20191024) router, which allows an attacker to execute arbitrary. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection A7100Ru Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
2.9%
CVE-2022-28580 CRITICAL POC Act Now

It is found that there is a command injection vulnerability in the setL2tpServerCfg interface in TOTOlink A7100RU (v7.4cu.2313_b20191024) router, which allows an attacker to execute arbitrary. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection A7100Ru Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
2.9%
CVE-2022-28579 CRITICAL POC Act Now

It is found that there is a command injection vulnerability in the setParentalRules interface in TOTOlink A7100RU (v7.4cu.2313_b20191024) router, which allows an attacker to execute arbitrary. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection A7100Ru Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
2.9%
CVE-2022-28578 CRITICAL POC Act Now

It is found that there is a command injection vulnerability in the setOpenVpnCfg interface in TOTOlink A7100RU (v7.4cu.2313_b20191024) router, which allows an attacker to execute arbitrary commands. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection A7100Ru Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
2.9%
CVE-2022-28577 CRITICAL POC Act Now

It is found that there is a command injection vulnerability in the delParentalRules interface in TOTOlink A7100RU (v7.4cu.2313_b20191024) router, which allows an attacker to execute arbitrary. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection A7100Ru Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
2.9%
CVE-2022-28575 CRITICAL POC Act Now

It is found that there is a command injection vulnerability in the setopenvpnclientcfg interface in TOTOlink A7100RU (v7.4cu.2313_b20191024) router, which allows attackers to execute arbitrary. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection A7100Ru Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
2.9%
EPSS 0% CVSS 9.8
CRITICAL Act Now

Privilege escalation and unauthorized file access affects TOTOLINK A7100RU (V7.4), A950RG (V5.9), and T10 (V5.9) routers because their bundled vsftpd FTP server ships with the chroot_local_user option enabled in vsftpd.conf, an insecure default that can let a local FTP user reach system files and escalate on the device. On these consumer routers the FTP daemon runs with high privilege and weak isolation, so a foothold on the FTP service can be used to read sensitive files, gain elevated access, and pivot into the internal network. There is no CISA KEV listing and no public exploit identified at time of analysis; the only reference is a researcher gist, and EPSS is low at 0.34% (26th percentile).

Privilege Escalation Authentication Bypass A7100Ru Firmware +2
NVD GitHub
EPSS 14% CVSS 9.8
CRITICAL POC THREAT Act Now

A vulnerability, which was classified as critical, has been found in Totolink A7100RU 7.4cu.2313_B20191024. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow A7100Ru Firmware
NVD GitHub VulDB
EPSS 2% CVSS 9.8
CRITICAL POC Act Now

A vulnerability, which was classified as critical, was found in Totolink A7100RU 7.4cu.2313_B20191024. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow A7100Ru Firmware
NVD GitHub VulDB
EPSS 2% CVSS 9.8
CRITICAL POC Act Now

TOTOLink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the staticGw parameter at /setting/setWanIeCfg. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection A7100Ru Firmware
NVD GitHub
EPSS 2% CVSS 9.8
CRITICAL POC Act Now

TOTOLINK A7100RU V7.4cu.2313_B20191024 has a Command Injection vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection A7100Ru Firmware
NVD GitHub
EPSS 2% CVSS 9.8
CRITICAL POC Act Now

TOTOLINK A7100RU V7.4cu.2313_B20191024 is vulnerable to Command Injection. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection A7100Ru Firmware
NVD GitHub
EPSS 2% CVSS 9.8
CRITICAL POC Act Now

TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the pppoeAcName parameter at /setting/setWanIeCfg. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection A7100Ru Firmware
NVD GitHub
EPSS 2% CVSS 9.8
CRITICAL POC Act Now

TOTOlink A7100RU(V7.4cu.2313_B20191024) was discovered to contain a command injection vulnerability via the org parameter at setting/delStaticDhcpRules. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection A7100Ru Firmware
NVD GitHub
EPSS 2% CVSS 9.8
CRITICAL POC Act Now

TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the wanStrategy parameter at /setting/setWanIeCfg. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection A7100Ru Firmware
NVD GitHub
EPSS 2% CVSS 9.8
CRITICAL POC Act Now

TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the downBw parameter at /setting/setWanIeCfg. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection A7100Ru Firmware
NVD GitHub
EPSS 2% CVSS 9.8
CRITICAL POC Act Now

TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the upBw parameter at /setting/setWanIeCfg. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection A7100Ru Firmware
NVD GitHub
EPSS 2% CVSS 9.8
CRITICAL POC Act Now

TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the enabled parameter at /setting/setWanIeCfg. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection A7100Ru Firmware
NVD GitHub
EPSS 2% CVSS 9.8
CRITICAL POC Act Now

TOTOlink A7100RU V7.4cu.2313_B20191024 router was discovered to contain a command injection vulnerability via the ou parameter at /setting/delStaticDhcpRules. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection A7100Ru Firmware
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL Act Now

TOTOLink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Command Injection A7100Ru Firmware
NVD GitHub
EPSS 2% CVSS 9.8
CRITICAL POC Act Now

TOTOlink A7100RU(V7.4cu.2313_B20191024) was discovered to contain a command injection vulnerability via the city parameter at setting/delStaticDhcpRules. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection A7100Ru Firmware
NVD GitHub
EPSS 2% CVSS 9.8
CRITICAL POC Act Now

TOTOlink A7100RU(V7.4cu.2313_B20191024) was discovered to contain a command injection vulnerability via the province parameter at setting/delStaticDhcpRules. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection A7100Ru Firmware
NVD GitHub
EPSS 2% CVSS 9.8
CRITICAL POC Act Now

TOTOlink A7100RU(V7.4cu.2313_B20191024) was discovered to contain a command injection vulnerability via the country parameter at setting/delStaticDhcpRules. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection A7100Ru Firmware
NVD GitHub
EPSS 2% CVSS 9.8
CRITICAL POC Act Now

TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the wscDisabled parameter in the setting/setWiFiWpsCfg function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection A7100Ru Firmware
NVD GitHub
EPSS 2% CVSS 9.8
CRITICAL POC Act Now

TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the wscDisabled parameter in the setting/setWiFiSignalCfg function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection A7100Ru Firmware
NVD GitHub
EPSS 2% CVSS 9.8
CRITICAL POC Act Now

TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the pass parameter in the setting/setOpenVpnCfg function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection A7100Ru Firmware
NVD GitHub
EPSS 2% CVSS 9.8
CRITICAL POC Act Now

TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the port parameter in the setting/setOpenVpnClientCfg function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection A7100Ru Firmware
NVD GitHub
EPSS 3% CVSS 9.8
CRITICAL POC Act Now

It is found that there is a command injection vulnerability in the setWiFiWpsStart interface in TOTOlink A7100RU (v7.4cu.2313_b20191024) router, which allows an attacker to execute arbitrary commands. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection A7100Ru Firmware
NVD GitHub
EPSS 3% CVSS 9.8
CRITICAL POC Act Now

It is found that there is a command injection vulnerability in the setWiFiWpsCfg interface in TOTOlink A7100RU (v7.4cu.2313_b20191024) router, which allows an attacker to execute arbitrary commands. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection A7100Ru Firmware
NVD GitHub
EPSS 3% CVSS 9.8
CRITICAL POC Act Now

It is found that there is a command injection vulnerability in the setWiFiSignalCfg interface in TOTOlink A7100RU (v7.4cu.2313_b20191024) router, which allows an attacker to execute arbitrary. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection A7100Ru Firmware
NVD GitHub
EPSS 3% CVSS 9.8
CRITICAL POC Act Now

It is found that there is a command injection vulnerability in the setWiFiAdvancedCfg interface in TOTOlink A7100RU (v7.4cu.2313_b20191024) router, which allows an attacker to execute arbitrary. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection A7100Ru Firmware
NVD GitHub
EPSS 3% CVSS 9.8
CRITICAL POC Act Now

It is found that there is a command injection vulnerability in the setL2tpServerCfg interface in TOTOlink A7100RU (v7.4cu.2313_b20191024) router, which allows an attacker to execute arbitrary. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection A7100Ru Firmware
NVD GitHub
EPSS 3% CVSS 9.8
CRITICAL POC Act Now

It is found that there is a command injection vulnerability in the setParentalRules interface in TOTOlink A7100RU (v7.4cu.2313_b20191024) router, which allows an attacker to execute arbitrary. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection A7100Ru Firmware
NVD GitHub
EPSS 3% CVSS 9.8
CRITICAL POC Act Now

It is found that there is a command injection vulnerability in the setOpenVpnCfg interface in TOTOlink A7100RU (v7.4cu.2313_b20191024) router, which allows an attacker to execute arbitrary commands. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection A7100Ru Firmware
NVD GitHub
EPSS 3% CVSS 9.8
CRITICAL POC Act Now

It is found that there is a command injection vulnerability in the delParentalRules interface in TOTOlink A7100RU (v7.4cu.2313_b20191024) router, which allows an attacker to execute arbitrary. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection A7100Ru Firmware
NVD GitHub
EPSS 3% CVSS 9.8
CRITICAL POC Act Now

It is found that there is a command injection vulnerability in the setopenvpnclientcfg interface in TOTOlink A7100RU (v7.4cu.2313_b20191024) router, which allows attackers to execute arbitrary. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection A7100Ru Firmware
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy