Vulnerabilities > Totolink > Ex1200T Firmware > High

DATE CVE VULNERABILITY TITLE RISK
2022-06-03 CVE-2021-42893 Missing Authentication for Critical Function vulnerability in Totolink Ex1200T Firmware 4.1.2Cu.5215
In TOTOLINK EX1200T V4.1.2cu.5215, an attacker can obtain sensitive information (wifikey, etc.) without authorization through getSysStatusCfg.
network
low complexity
totolink CWE-306
7.5
2022-06-03 CVE-2021-42891 Missing Authentication for Critical Function vulnerability in Totolink Ex1200T Firmware 4.1.2Cu.5215
In TOTOLINK EX1200T V4.1.2cu.5215, an attacker can obtain sensitive information (wifikey, etc.) without authorization.
network
low complexity
totolink CWE-306
7.5
2022-06-03 CVE-2021-42889 Missing Authentication for Critical Function vulnerability in Totolink Ex1200T Firmware 4.1.2Cu.5215
In TOTOLINK EX1200T V4.1.2cu.5215, an attacker can obtain sensitive information (wifikey, wifiname, etc.) without authorization.
network
low complexity
totolink CWE-306
7.5
2022-06-03 CVE-2021-42886 Information Exposure vulnerability in Totolink Ex1200T Firmware 4.1.2Cu.5215
TOTOLINK EX1200T V4.1.2cu.5215 contains an information disclosure vulnerability where an attacker can get the apmib configuration file without authorization, and usernames and passwords can be found in the decoded file.
network
low complexity
totolink CWE-200
7.5
2022-06-02 CVE-2021-42877 Unspecified vulnerability in Totolink Ex1200T Firmware 4.1.2Cu.5215
TOTOLINK EX1200T V4.1.2cu.5215 contains a denial of service vulnerability in function RebootSystem of the file lib/cste_modules/system which can reboot the system.
network
low complexity
totolink
7.5
2022-03-30 CVE-2022-25008 Missing Authentication for Critical Function vulnerability in Totolink Ex1200T Firmware and Ex300 V2 Firmware
totolink EX300_v2 V4.0.3c.140_B20210429 and EX1200T V4.1.2cu.5230_B20210706 does not contain an authentication mechanism.
low complexity
totolink CWE-306
8.8