📦 A3300r Firmware

by Totolink

⚠️ Known Vulnerabilities

CVE-2025-55895

CRITICAL CVSS 9.1 Dec 15, 2025

This vulnerability allows unauthenticated remote attackers to bypass access controls on TOTOLINK routers. Attackers can send malicious payloads to vulnerable interfaces without logging in, potentially...

CVE-2024-24326

CRITICAL CVSS 9.8 Jan 30, 2024

This CVE describes a command injection vulnerability in TOTOLINK A3300R routers that allows attackers to execute arbitrary commands on the device. The vulnerability exists in the setStaticDhcpRules fu...

CVE-2024-24328

CRITICAL CVSS 9.8 Jan 30, 2024

This CVE describes a command injection vulnerability in TOTOLINK A3300R routers that allows attackers to execute arbitrary commands on the device. The vulnerability exists in the setMacFilterRules fun...

CVE-2024-24330

CRITICAL CVSS 9.8 Jan 30, 2024

This CVE describes a command injection vulnerability in TOTOLINK A3300R routers that allows attackers to execute arbitrary commands on the device. Attackers can exploit this by injecting malicious com...

CVE-2024-24332

CRITICAL CVSS 9.8 Jan 30, 2024

This CVE describes a command injection vulnerability in TOTOLINK A3300R routers, allowing attackers to execute arbitrary commands via the url parameter in the setUrlFilterRules function. It affects us...

CVE-2024-23060

CRITICAL CVSS 9.8 Jan 11, 2024

This CVE describes a command injection vulnerability in TOTOLINK A3300R routers via the ip parameter in the setDmzCfg function. Attackers can execute arbitrary commands with root privileges, potential...

CVE-2024-22942

CRITICAL CVSS 9.8 Jan 11, 2024

This CVE describes a command injection vulnerability in TOTOLINK A3300R routers that allows attackers to execute arbitrary commands on the device. Attackers can exploit this by sending specially craft...

CVE-2024-23058

CRITICAL CVSS 9.8 Jan 11, 2024

This CVE describes a command injection vulnerability in TOTOLINK A3300R routers that allows attackers to execute arbitrary commands via the pass parameter in the setTr069Cfg function. Attackers can ga...

CVE-2023-46993

CRITICAL CVSS 9.8 Oct 31, 2023

This vulnerability allows remote attackers to execute arbitrary commands on TOTOLINK A3300R routers by exploiting improper input validation in the setLedCfg request. Attackers can gain full control of...

CVE-2023-46976

CRITICAL CVSS 9.8 Oct 31, 2023

This vulnerability allows remote attackers to execute arbitrary commands on TOTOLINK A3300R routers by injecting malicious commands into the file_name parameter during firmware upload. Attackers can g...

CVE-2023-37170

CRITICAL CVSS 9.8 Jul 7, 2023

This vulnerability allows unauthenticated attackers to execute arbitrary commands on TOTOLINK A3300R routers by manipulating the lang parameter in the setLanguageCfg function. Attackers can gain full ...

CVE-2023-37172

CRITICAL CVSS 9.8 Jul 7, 2023

This CVE describes a command injection vulnerability in TOTOLINK A3300R routers that allows attackers to execute arbitrary commands on the device. Attackers can exploit this by sending specially craft...

CVE-2023-31729

CRITICAL CVSS 9.8 May 18, 2023

CVE-2023-31729 is a command injection vulnerability in TOTOLINK A3300R routers that allows attackers to execute arbitrary commands on the device via the /cgi-bin/cstecgi.cgi endpoint. This affects use...

CVE-2025-12258

HIGH CVSS 8.8 Oct 27, 2025

This vulnerability allows remote attackers to execute arbitrary code on TOTOLINK A3300R routers by exploiting a stack-based buffer overflow in the setOpModeCfg function. Attackers can send specially c...

CVE-2025-12260

HIGH CVSS 8.8 Oct 27, 2025

A stack-based buffer overflow vulnerability in TOTOLINK A3300R routers allows remote attackers to execute arbitrary code by manipulating the 'enable' parameter in the setSyslogCfg function. This affec...

CVE-2025-12239

HIGH CVSS 8.8 Oct 27, 2025

A remote buffer overflow vulnerability exists in TOTOLINK A3300R routers through the setDdnsCfg function in cstecgi.cgi. Attackers can exploit this to execute arbitrary code or crash devices. All user...

CVE-2025-12241

HIGH CVSS 8.8 Oct 27, 2025

This vulnerability allows remote attackers to execute arbitrary code on TOTOLINK A3300R routers by exploiting a stack-based buffer overflow in the language configuration handler. Attackers can send sp...

CVE-2024-7331

HIGH CVSS 8.8 Aug 1, 2024

This critical vulnerability in TOTOLINK A3300R routers allows remote attackers to execute arbitrary code via a buffer overflow in the UploadCustomModule function. Attackers can exploit this by sending...

CVE-2023-46992

HIGH CVSS 7.5 Oct 31, 2023

CVE-2023-46992 is an authentication bypass vulnerability in TOTOLINK A3300R routers that allows unauthenticated attackers to reset critical passwords by accessing specific web pages. This affects user...

CVE-2025-55901

MEDIUM CVSS 6.5 Dec 15, 2025

This vulnerability allows remote attackers to execute arbitrary commands on TOTOLINK A3300R routers by injecting malicious input into the host_time parameter of the NTPSyncWithHost function. Attackers...