A800r_firmware - Vulncode-DB

Note:

This project will be discontinued after December 13, 2021. [more]

Product:
A800r_firmware
(Totolink)

Repositories	Unknown: This might be proprietary software.
#Vulnerabilities	21

Date	Id	Summary	Products	Score	Patch	Annotated
2025-04-23	CVE-2025-28017	TOTOLINK A800R V4.1.2cu.5032_B20200408 is vulnerable to Command Injection in downloadFile.cgi via the QUERY_STRING parameter.	A800r_firmware	N/A
2025-04-23	CVE-2025-28018	TOTOLINK A800R V4.1.2cu.5137_B20200730 was found to contain a buffer overflow vulnerability in downloadFile.cgi through the v14 parameter.	A800r_firmware	N/A
2025-04-23	CVE-2025-28019	TOTOLINK A800R V4.1.2cu.5137_B20200730 was found to contain a buffer overflow vulnerability in the downloadFile.cgi component	A800r_firmware	N/A
2025-04-23	CVE-2025-28020	TOTOLINK A800R V4.1.2cu.5137_B20200730 was found to contain a buffer overflow vulnerability in downloadFile.cgi through the v25 parameter.	A800r_firmware	N/A
2025-04-15	CVE-2025-28136	TOTOLINK A800R V4.1.2cu.5137_B20200730 was found to contain a buffer overflow vulnerability in the downloadFile.cgi.	A800r_firmware	N/A
2025-04-22	CVE-2025-28032	TOTOLINK A800R V4.1.2cu.5137_B20200730, A810R V4.1.2cu.5182_B20201026, A830R V4.1.2cu.5182_B20201102, A950RG V4.1.2cu.5161_B20200903, A3000RU V5.9c.5185_B20201128, and A3100R V4.1.2cu.5247_B20211129 contain a pre-auth buffer overflow vulnerability in the setNoticeCfg function through the IpForm parameter.	A3000ru_firmware, A3100r_firmware, A800r_firmware, A810r_firmware, A830r_firmware, A950rg_firmware	N/A
2025-04-22	CVE-2025-28033	TOTOLINK A800R V4.1.2cu.5137_B20200730, A810R V4.1.2cu.5182_B20201026, A830R V4.1.2cu.5182_B20201102, A950RG V4.1.2cu.5161_B20200903, A3000RU V5.9c.5185_B20201128, and A3100R V4.1.2cu.5247_B20211129 were found to contain a pre-auth buffer overflow vulnerability in the setNoticeCfg function through the IpTo parameter.	A3000ru_firmware, A3100r_firmware, A800r_firmware, A810r_firmware, A830r_firmware, A950rg_firmware	N/A
2025-04-22	CVE-2025-28034	TOTOLINK A800R V4.1.2cu.5137_B20200730, A810R V4.1.2cu.5182_B20201026, A830R V4.1.2cu.5182_B20201102, A950RG V4.1.2cu.5161_B20200903, A3000RU V5.9c.5185_B20201128, and A3100R V4.1.2cu.5247_B20211129 were found to contain a pre-auth remote command execution vulnerability in the NTPSyncWithHost function through the hostTime parameter.	A3000ru_firmware, A3100r_firmware, A800r_firmware, A810r_firmware, A830r_firmware, A950rg_firmware	N/A
2025-04-22	CVE-2025-28035	TOTOLINK A830R V4.1.2cu.5182_B20201102 was found to contain a pre-auth remote command execution vulnerability in the setNoticeCfg function through the NoticeUrl parameter.	A3000ru_firmware, A3100r_firmware, A800r_firmware, A810r_firmware, A830r_firmware, A950rg_firmware	N/A
2025-04-22	CVE-2025-28036	TOTOLINK A950RG V4.1.2cu.5161_B20200903 was found to contain a pre-auth remote command execution vulnerability in the setNoticeCfg function through the NoticeUrl parameter.	A3000ru_firmware, A3100r_firmware, A800r_firmware, A810r_firmware, A830r_firmware, A950rg_firmware	N/A