Search Results | AttackerKB

Show filters

Topics 610 Users 9,744

Clear All

Disclosure Date

Disclosure Year Disclosure Month

Collection Command and Control Credential Access Defense Evasion Discovery Execution Exfiltration Impact Initial Access Lateral Movement Persistence Privilege Escalation

610 Total Results

Displaying 421-430 of 610

Attacker Value

Unknown

CVE-2022-36611

Disclosure Date: August 29, 2022 (last updated February 24, 2025)

TOTOLINK A800R V4.1.2cu.5137_B20200730 was discovered to contain a hardcoded password for root at /etc/shadow.sample.

Attack Vector: Local Privileges: Low User Interaction: None

0

Attacker Value

Unknown

CVE-2022-36610

Disclosure Date: August 29, 2022 (last updated February 24, 2025)

TOTOLINK A720R V4.1.5cu.532_B20210610 was discovered to contain a hardcoded password for root at /etc/shadow.sample.

Attack Vector: Local Privileges: Low User Interaction: None

0

Attacker Value

Unknown

CVE-2022-37084

Disclosure Date: August 25, 2022 (last updated February 24, 2025)

TOTOLINK A7000R V9.1.0u.6115_B20201022 was discovered to contain a stack overflow via the sPort parameter at the addEffect function.

Attack Vector: Local Privileges: Low User Interaction: None

0

Attacker Value

Unknown

CVE-2022-37083

Disclosure Date: August 25, 2022 (last updated February 24, 2025)

TOTOLINK A7000R V9.1.0u.6115_B20201022 was discovered to contain a command injection vulnerability via the ip parameter at the function setDiagnosisCfg.

Attack Vector: Local Privileges: Low User Interaction: None

0

Attacker Value

Unknown

CVE-2022-37082

Disclosure Date: August 25, 2022 (last updated February 24, 2025)

TOTOLINK A7000R V9.1.0u.6115_B20201022 was discovered to contain a command injection vulnerability via the host_time parameter at the function NTPSyncWithHost.

Attack Vector: Local Privileges: Low User Interaction: None

0

Attacker Value

Unknown

CVE-2022-37081

Disclosure Date: August 25, 2022 (last updated February 24, 2025)

TOTOLINK A7000R V9.1.0u.6115_B20201022 was discovered to contain a command injection vulnerability via the command parameter at setting/setTracerouteCfg.

Attack Vector: Local Privileges: Low User Interaction: None

0

Attacker Value

Unknown

CVE-2022-37080

Disclosure Date: August 25, 2022 (last updated February 24, 2025)

TOTOLINK A7000R V9.1.0u.6115_B20201022 was discovered to contain a stack overflow via the command parameter at setting/setTracerouteCfg.

Attack Vector: Local Privileges: Low User Interaction: None

0

Attacker Value

Unknown

CVE-2022-37079

Disclosure Date: August 25, 2022 (last updated February 24, 2025)

TOTOLINK A7000R V9.1.0u.6115_B20201022 was discovered to contain a command injection vulnerability via the hostName parameter in the function setOpModeCfg.

Attack Vector: Local Privileges: Low User Interaction: None

0

Attacker Value

Unknown

CVE-2022-37078

Disclosure Date: August 25, 2022 (last updated February 24, 2025)

TOTOLINK A7000R V9.1.0u.6115_B20201022 was discovered to contain a command injection vulnerability via the lang parameter at /setting/setLanguageCfg.

Attack Vector: Local Privileges: Low User Interaction: None

0

Attacker Value

Unknown

CVE-2022-37077

Disclosure Date: August 25, 2022 (last updated February 24, 2025)

TOTOLINK A7000R V9.1.0u.6115_B20201022 was discovered to contain a stack overflow via the pppoeUser parameter.

Attack Vector: Local Privileges: Low User Interaction: None

0