Filtered by vendor Totolink
Subscribe
Total
515 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-23057 | 1 Totolink | 2 A3300r, A3300r Firmware | 2024-01-18 | N/A | 9.8 CRITICAL |
| TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection vulnerability via the tz parameter in the setNtpCfg function. | |||||
| CVE-2024-22942 | 1 Totolink | 2 A3300r, A3300r Firmware | 2024-01-18 | N/A | 9.8 CRITICAL |
| TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection vulnerability via the hostName parameter in the setWanCfg function. | |||||
| CVE-2023-52027 | 1 Totolink | 2 A3700r, A3700r Firmware | 2024-01-17 | N/A | 9.8 CRITICAL |
| TOTOlink A3700R v9.1.2u.5822_B20200513 was discovered to contain a remote command execution (RCE) vulnerability via the NTPSyncWithHost function. | |||||
| CVE-2023-52028 | 1 Totolink | 2 A3700r, A3700r Firmware | 2024-01-17 | N/A | 9.8 CRITICAL |
| TOTOlink A3700R v9.1.2u.5822_B20200513 was discovered to contain a remote command execution (RCE) vulnerability via the setTracerouteCfg function. | |||||
| CVE-2023-52029 | 1 Totolink | 2 A3700r, A3700r Firmware | 2024-01-17 | N/A | 9.8 CRITICAL |
| TOTOlink A3700R v9.1.2u.5822_B20200513 was discovered to contain a remote command execution (RCE) vulnerability via the setDiagnosisCfg function. | |||||
| CVE-2023-52030 | 1 Totolink | 2 A3700r, A3700r Firmware | 2024-01-17 | N/A | 9.8 CRITICAL |
| TOTOlink A3700R v9.1.2u.5822_B20200513 was discovered to contain a remote command execution (RCE) vulnerability via the setOpModeCfg function. | |||||
| CVE-2023-52031 | 1 Totolink | 2 A3700r, A3700r Firmware | 2024-01-17 | N/A | 9.8 CRITICAL |
| TOTOlink A3700R v9.1.2u.5822_B20200513 was discovered to contain a remote command execution (RCE) vulnerability via the UploadFirmwareFile function. | |||||
| CVE-2023-52032 | 1 Totolink | 2 Ex1200t, Ex1200t Firmware | 2024-01-17 | N/A | 9.8 CRITICAL |
| TOTOlink EX1200T V4.1.2cu.5232_B20210713 was discovered to contain a remote command execution (RCE) vulnerability via the "main" function. | |||||
| CVE-2022-46025 | 1 Totolink | 2 N200re V5, N200re V5 Firmware | 2024-01-17 | N/A | 9.1 CRITICAL |
| Totolink N200RE_V5 V9.3.5u.6255_B20211224 is vulnerable to Incorrect Access Control. The device allows remote attackers to obtain Wi-Fi system information, such as Wi-Fi SSID and Wi-Fi password, without logging into the management page. | |||||
| CVE-2023-51133 | 1 Totolink | 2 X2000r, X2000r Firmware | 2024-01-05 | N/A | 9.8 CRITICAL |
| TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formRoute. | |||||
| CVE-2023-51135 | 1 Totolink | 2 X2000r, X2000r Firmware | 2024-01-05 | N/A | 9.8 CRITICAL |
| TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formPasswordSetup. | |||||
| CVE-2023-51136 | 1 Totolink | 2 X2000r, X2000r Firmware | 2024-01-05 | N/A | 9.8 CRITICAL |
| TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formRebootSchedule. | |||||
| CVE-2023-50651 | 1 Totolink | 2 X6000r, X6000r Firmware | 2024-01-05 | N/A | 9.8 CRITICAL |
| TOTOLINK X6000R v9.4.0cu.852_B20230719 was discovered to contain a remote command execution (RCE) vulnerability via the component /cgi-bin/cstecgi.cgi. | |||||
| CVE-2023-51034 | 1 Totolink | 2 Ex1200l, Ex1200l Firmware | 2024-01-03 | N/A | 9.8 CRITICAL |
| TOTOlink EX1200L V9.3.5u.6146_B20201023 is vulnerable to arbitrary command execution via the cstecgi.cgi UploadFirmwareFile interface. | |||||
| CVE-2023-51035 | 1 Totolink | 2 Ex1200l, Ex1200l Firmware | 2024-01-03 | N/A | 9.8 CRITICAL |
| TOTOLINK EX1200L V9.3.5u.6146_B20201023 is vulnerable to arbitrary command execution on the cstecgi.cgi NTPSyncWithHost interface. | |||||
| CVE-2023-51033 | 1 Totolink | 2 Ex1200l, Ex1200l Firmware | 2023-12-29 | N/A | 9.8 CRITICAL |
| TOTOlink EX1200L V9.3.5u.6146_B20201023 is vulnerable to arbitrary command execution via the cstecgi.cgi setOpModeCfg interface. | |||||
| CVE-2023-51028 | 1 Totolink | 2 Ex1800t, Ex1800t Firmware | 2023-12-29 | N/A | 9.8 CRITICAL |
| TOTOLINK EX1800T 9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command execution in the apcliChannel parameter of the setWiFiExtenderConfig interface of the cstecgi.cgi. | |||||
| CVE-2023-50147 | 1 Totolink | 2 A3700r, A3700r Firmware | 2023-12-29 | N/A | 9.8 CRITICAL |
| There is an arbitrary command execution vulnerability in the setDiagnosisCfg function of the cstecgi .cgi of the TOTOlink A3700R router device in its firmware version V9.1.2u.5822_B20200513. | |||||
| CVE-2023-51023 | 1 Totolink | 2 Ex1800t, Ex1800t Firmware | 2023-12-27 | N/A | 9.8 CRITICAL |
| TOTOlink EX1800T v9.1.0cu.2112_B20220316 is vulnerable to arbitrary command execution in the ‘host_time’ parameter of the NTPSyncWithHost interface of the cstecgi .cgi. | |||||
| CVE-2023-51024 | 1 Totolink | 2 Ex1800t, Ex1800t Firmware | 2023-12-27 | N/A | 9.8 CRITICAL |
| TOTOlink EX1800T v9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command execution in the ‘tz’ parameter of the setNtpCfg interface of the cstecgi .cgi. | |||||