Vulnerabilities > Totolink
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-12-31 | CVE-2023-7187 | Stack-based Buffer Overflow vulnerability in Totolink N350Rt Firmware 9.3.5U.6139B20201216 A vulnerability was found in Totolink N350RT 9.3.5u.6139_B20201216. | 8.8 |
| 2023-12-30 | CVE-2023-50651 | OS Command Injection vulnerability in Totolink X6000R Firmware 9.4.0Cu.852B20230719 TOTOLINK X6000R v9.4.0cu.852_B20230719 was discovered to contain a remote command execution (RCE) vulnerability via the component /cgi-bin/cstecgi.cgi. | 9.8 |
| 2023-12-30 | CVE-2023-51133 | Out-of-bounds Write vulnerability in Totolink X2000R Firmware 1.0.0B20230221.0948.Web TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formRoute. | 9.8 |
| 2023-12-30 | CVE-2023-51135 | Out-of-bounds Write vulnerability in Totolink X2000R Firmware 1.0.0B20230221.0948.Web TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formPasswordSetup. | 9.8 |
| 2023-12-30 | CVE-2023-51136 | Out-of-bounds Write vulnerability in Totolink X2000R Firmware 1.0.0B20230221.0948.Web TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formRebootSchedule. | 9.8 |
| 2023-12-25 | CVE-2023-7095 | Classic Buffer Overflow vulnerability in Totolink A7100Ru Firmware 7.4Cu.2313B20191024 A vulnerability, which was classified as critical, has been found in Totolink A7100RU 7.4cu.2313_B20191024. | 9.8 |
| 2023-12-22 | CVE-2023-50147 | OS Command Injection vulnerability in Totolink A3700R Firmware 9.1.2U.5822B20200513 There is an arbitrary command execution vulnerability in the setDiagnosisCfg function of the cstecgi .cgi of the TOTOlink A3700R router device in its firmware version V9.1.2u.5822_B20200513. | 9.8 |
| 2023-12-22 | CVE-2023-51011 | Unspecified vulnerability in Totolink Ex1800T Firmware 9.1.0Cu.2112B20220316 TOTOlink EX1800T v9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command execution in the lanPriDns parameter’ of the setLanConfig interface of the cstecgi .cgi | 9.8 |
| 2023-12-22 | CVE-2023-51012 | Unspecified vulnerability in Totolink Ex1800T Firmware 9.1.0Cu.2112B20220316 TOTOlink EX1800T v9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command execution in the lanGateway parameter’ of the setLanConfig interface of the cstecgi .cgi. | 9.8 |
| 2023-12-22 | CVE-2023-51013 | Unspecified vulnerability in Totolink Ex1800T Firmware 9.1.0Cu.2112B20220316 TOTOlink EX1800T v9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command execution in the lanNetmask parameter’ of the setLanConfig interface of the cstecgi .cgi. | 9.8 |