Vulnerabilities > Totolink
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2025-01-15 | CVE-2024-57019 | OS Command Injection vulnerability in Totolink X5000R Firmware 9.1.0Cu.2350B20230313 TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain an OS command injection vulnerability via the "limit" parameter in setVpnAccountCfg. | 8.8 |
2025-01-15 | CVE-2024-57020 | OS Command Injection vulnerability in Totolink X5000R Firmware 9.1.0Cu.2350B20230313 TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain an OS command injection vulnerability via the "sMinute" parameter in setWiFiScheduleCfg. | 8.8 |
2025-01-15 | CVE-2024-57021 | OS Command Injection vulnerability in Totolink X5000R Firmware 9.1.0Cu.2350B20230313 TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain an OS command injection vulnerability via the "eHour" parameter in setWiFiScheduleCfg. | 8.8 |
2025-01-15 | CVE-2024-57022 | OS Command Injection vulnerability in Totolink X5000R Firmware 9.1.0Cu.2350B20230313 TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain an OS command injection vulnerability via the "sHour" parameter in setWiFiScheduleCfg. | 8.8 |
2024-12-09 | CVE-2024-12352 | Out-of-bounds Write vulnerability in Totolink Ex1800T Firmware 9.1.0Cu.2112B20220316 A vulnerability classified as problematic was found in TOTOLINK EX1800T 9.1.0cu.2112_B20220316. | 9.8 |
2024-11-22 | CVE-2024-52723 | OS Command Injection vulnerability in Totolink X6000R Firmware 9.4.0Cu.1041B20240224 In TOTOLINK X6000R V9.4.0cu.1041_B20240224 in the shttpd file, the Uci_Set Str function is used without strict parameter filtering. | 9.8 |
2024-11-07 | CVE-2024-10966 | Unspecified vulnerability in Totolink X18 Firmware 9.1.0Cu.2024B20220329 A vulnerability, which was classified as critical, has been found in TOTOLINK X18 9.1.0cu.2024_B20220329. | 8.8 |
2024-11-01 | CVE-2024-10654 | Authorization Bypass Through User-Controlled Key vulnerability in Totolink Lr350 Firmware 9.3.5U.6369B20220309 A vulnerability has been found in TOTOLINK LR350 up to 9.3.5u.6369 and classified as critical. | 9.1 |
2024-09-19 | CVE-2024-9001 | OS Command Injection vulnerability in Totolink T10 Firmware 4.1.8Cu.5207 A vulnerability was found in TOTOLINK T10 4.1.8cu.5207. | 8.8 |
2024-09-16 | CVE-2024-46419 | Classic Buffer Overflow vulnerability in Totolink T8 Firmware 4.1.5Cu.861B20230220 TOTOLINK AC1200 T8 v4.1.5cu.861_B20230220 has a buffer overflow vulnerability in the setWizardCfg function via the ssid5g parameter. | 9.8 |