📦 A3600r Firmware

This CVE describes a command injection vulnerability in TOTOLink A3600R routers that allows attackers to execute arbitrary commands via the QUERY_STRING parameter. Attackers can gain full control of a...

This critical vulnerability in TOTOLINK A3600R routers allows remote attackers to execute arbitrary code via a buffer overflow in the UploadCustomModule function. Attackers can exploit this without au...

This critical vulnerability in TOTOLINK A3600R routers allows remote attackers to execute arbitrary code via a buffer overflow in the setWebWlanIdx function. Attackers can exploit this without authent...

This critical vulnerability in TOTOLINK A3600R routers allows remote attackers to execute arbitrary code via buffer overflow in the setUrlFilterRules function. Attackers can exploit this by sending sp...

A critical buffer overflow vulnerability in TOTOLINK A3600R routers allows remote attackers to execute arbitrary code by manipulating the FileName parameter in the firmware upgrade function. This affe...

A critical buffer overflow vulnerability in TOTOLINK A3600R routers allows remote attackers to execute arbitrary code by manipulating the 'comment' parameter in the setPortForwardRules function. This ...

A critical buffer overflow vulnerability in TOTOLINK A3600R routers allows remote attackers to execute arbitrary code by sending specially crafted requests to the setMacQos function. This affects TOTO...

This critical vulnerability in TOTOLINK A3600R routers allows remote attackers to execute arbitrary code via a buffer overflow in the setIpQosRules function. Attackers can exploit this by sending spec...

A critical buffer overflow vulnerability in TOTOLINK A3600R routers allows remote attackers to execute arbitrary code by sending specially crafted requests to the setdeviceName function. This affects ...

A critical buffer overflow vulnerability in TOTOLINK A3600R routers allows remote attackers to execute arbitrary code by manipulating the http_host parameter in the getSaveConfig function. This affect...

This vulnerability is a stack buffer overflow in the Totolink A3600R router's infostat.cgi component, triggered via the CONTENT_LENGTH parameter. Attackers can exploit this to cause a Denial of Servic...

This critical vulnerability in TOTOLINK A3600R routers allows remote attackers to execute arbitrary operating system commands via command injection in the NTPSyncWithHost function. Attackers can explo...

This CVE describes a critical vulnerability in TOTOLINK A3600R routers where the Telnet service uses a hard-coded password in the product.ini file. Attackers can exploit this to gain unauthorized acce...