Filtered by vendor Totolink
Subscribe
Total
970 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-46547 | 1 Totolink | 2 X2000r, X2000r Firmware | 2023-11-01 | N/A | 9.8 CRITICAL |
| TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formSysLog. | |||||
| CVE-2023-46412 | 1 Totolink | 2 X6000r, X6000r Firmware | 2023-11-01 | N/A | 9.8 CRITICAL |
| TOTOLINK X6000R v9.4.0cu.652_B20230116 was discovered to contain a command execution vulnerability via the sub_41D998 function. | |||||
| CVE-2023-46411 | 1 Totolink | 2 X6000r, X6000r Firmware | 2023-11-01 | N/A | 9.8 CRITICAL |
| TOTOLINK X6000R v9.4.0cu.652_B20230116 was discovered to contain a command execution vulnerability via the sub_415258 function. | |||||
| CVE-2023-46410 | 1 Totolink | 2 X6000r, X6000r Firmware | 2023-11-01 | N/A | 9.8 CRITICAL |
| TOTOLINK X6000R v9.4.0cu.652_B20230116 was discovered to contain a command execution vulnerability via the sub_ The 416F60 function. | |||||
| CVE-2023-46413 | 1 Totolink | 2 X6000r, X6000r Firmware | 2023-11-01 | N/A | 9.8 CRITICAL |
| TOTOLINK X6000R v9.4.0cu.652_B20230116 was discovered to contain a command execution vulnerability via the sub_4155DC function. | |||||
| CVE-2023-46408 | 1 Totolink | 2 X6000r, X6000r Firmware | 2023-11-01 | N/A | 9.8 CRITICAL |
| TOTOLINK X6000R v9.4.0cu.652_B20230116 was discovered to contain a command execution vulnerability via the sub_ The 41DD80 function. | |||||
| CVE-2023-46409 | 1 Totolink | 2 X6000r, X6000r Firmware | 2023-11-01 | N/A | 9.8 CRITICAL |
| TOTOLINK X6000R v9.4.0cu.652_B20230116 was discovered to contain a command execution vulnerability via the sub_ 41CC04 function. | |||||
| CVE-2023-46574 | 1 Totolink | 2 A3700r, A3700r Firmware | 2023-10-27 | N/A | 9.8 CRITICAL |
| An issue in TOTOLINK A3700R v.9.1.2u.6165_20211012 allows a remote attacker to execute arbitrary code via the FileName parameter of the UploadFirmwareFile function. | |||||
| CVE-2023-36955 | 1 Totolink | 2 Cp300\+, Cp300\+ Firmware | 2023-10-19 | N/A | 9.8 CRITICAL |
| TOTOLINK CP300+ <=V5.2cu.7594_B20200910 was discovered to contain a stack overflow via the File parameter in the function UploadCustomModule. | |||||
| CVE-2023-36953 | 1 Totolink | 2 Cp300\+, Cp300\+ Firmware | 2023-10-19 | N/A | 9.8 CRITICAL |
| TOTOLINK CP300+ V5.2cu.7594_B20200910 and before is vulnerable to command injection. | |||||
| CVE-2023-36954 | 1 Totolink | 2 Cp300\+, Cp300\+ Firmware | 2023-10-19 | N/A | 9.8 CRITICAL |
| TOTOLINK CP300+ V5.2cu.7594_B20200910 and before is vulnerable to command injection. | |||||
| CVE-2023-36952 | 1 Totolink | 2 Cp300\+, Cp300\+ Firmware | 2023-10-19 | N/A | 9.8 CRITICAL |
| TOTOLINK CP300+ V5.2cu.7594_B20200910 was discovered to contain a stack overflow via the pingIp parameter in the function setDiagnosisCfg. | |||||
| CVE-2023-36340 | 1 Totolink | 2 Nr1800x, Nr1800x Firmware | 2023-10-19 | N/A | 9.8 CRITICAL |
| TOTOLINK NR1800X V9.1.0u.6279_B20210910 was discovered to contain a stack overflow via the http_host parameter in the function loginAuth. | |||||
| CVE-2023-39618 | 1 Totolink | 2 X5000r, X5000r Firmware | 2023-08-25 | N/A | 9.8 CRITICAL |
| TOTOLINK X5000R B20210419 was discovered to contain a remote code execution (RCE) vulnerability via the setTracerouteCfg interface. | |||||
| CVE-2023-39617 | 1 Totolink | 2 X5000r, X5000r Firmware | 2023-08-25 | N/A | 9.8 CRITICAL |
| TOTOLINK X5000R_V9.1.0cu.2089_B20211224 and X5000R_V9.1.0cu.2350_B20230313 were discovered to contain a remote code execution (RCE) vulnerability via the lang parameter in the setLanguageCfg function. | |||||
| CVE-2023-40042 | 1 Totolink | 2 T10 V2, T10 V2 Firmware | 2023-08-11 | N/A | 9.8 CRITICAL |
| TOTOLINK T10_v2 5.9c.5061_B20200511 has a stack-based buffer overflow in setStaticDhcpConfig in /lib/cste_modules/lan.so. Attackers can send crafted data in an MQTT packet, via the comment parameter, to control the return address and execute code. | |||||
| CVE-2023-40041 | 1 Totolink | 2 T10 V2, T10 V2 Firmware | 2023-08-11 | N/A | 9.8 CRITICAL |
| TOTOLINK T10_v2 5.9c.5061_B20200511 has a stack-based buffer overflow in setWiFiWpsConfig in /lib/cste_modules/wps.so. Attackers can send crafted data in an MQTT packet, via the pin parameter, to control the return address and execute code. | |||||
| CVE-2021-42890 | 1 Totolink | 2 Ex1200t, Ex1200t Firmware | 2023-08-08 | 7.5 HIGH | 9.8 CRITICAL |
| TOTOLINK EX1200T V4.1.2cu.5215 contains a remote command injection vulnerability in function NTPSyncWithHost of the file system.so which can control hostTime to attack. | |||||
| CVE-2022-41518 | 1 Totolink | 2 Nr1800x, Nr1800x Firmware | 2023-08-08 | N/A | 9.8 CRITICAL |
| TOTOLINK NR1800X V9.1.0u.6279_B20210910 was discovered to contain a command injection vulnerability via the UploadFirmwareFile function at /cgi-bin/cstecgi.cgi. | |||||
| CVE-2022-26212 | 1 Totolink | 12 A3000ru, A3000ru Firmware, A3100r and 9 more | 2023-08-08 | 7.5 HIGH | 9.8 CRITICAL |
| Totolink A830R V5.9c.4729_B20191112, A3100R V4.1.2cu.5050_B20200504, A950RG V4.1.2cu.5161_B20200903, A800R V4.1.2cu.5137_B20200730, A3000RU V5.9c.5185_B20201128, and A810R V4.1.2cu.5182_B20201026 were discovered to contain a command injection vulnerability in the function setDeviceName, via the deviceMac and deviceName parameters. This vulnerability allows attackers to execute arbitrary commands via a crafted request. | |||||