Vulnerabilities > Totolink

DATE CVE VULNERABILITY TITLE RISK
2023-12-22 CVE-2023-51025 Unspecified vulnerability in Totolink Ex1800T Firmware 9.1.0Cu.2112B20220316
TOTOlink EX1800T V9.1.0cu.2112_B20220316 is vulnerable to an unauthorized arbitrary command execution in the ‘admuser’ parameter of the setPasswordCfg interface of the cstecgi .cgi.
network
low complexity
totolink
critical
9.8
2023-12-22 CVE-2023-51026 Unspecified vulnerability in Totolink Ex1800T Firmware 9.1.0Cu.2112B20220316
TOTOlink EX1800T V9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command execution in the ‘hour’ parameter of the setRebootScheCfg interface of the cstecgi .cgi.
network
low complexity
totolink
critical
9.8
2023-12-22 CVE-2023-51027 Unspecified vulnerability in Totolink Ex1800T Firmware 9.1.0Cu.2112B20220316
TOTOlink EX1800T V9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command execution in the ‘apcliAuthMode’ parameter of the setWiFiExtenderConfig interface of the cstecgi .cgi.
network
low complexity
totolink
critical
9.8
2023-12-22 CVE-2023-51028 OS Command Injection vulnerability in Totolink Ex1800T Firmware 9.1.0Cu.2112B20220316
TOTOLINK EX1800T 9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command execution in the apcliChannel parameter of the setWiFiExtenderConfig interface of the cstecgi.cgi.
network
low complexity
totolink CWE-78
critical
9.8
2023-12-18 CVE-2023-6906 Classic Buffer Overflow vulnerability in Totolink A7100Ru Firmware 7.4Cu.2313B20191024
A vulnerability, which was classified as critical, was found in Totolink A7100RU 7.4cu.2313_B20191024.
network
low complexity
totolink CWE-120
critical
9.8
2023-12-11 CVE-2023-49417 Out-of-bounds Write vulnerability in Totolink A7000R Firmware 9.1.0U.6115B20201022
TOTOLink A7000R V9.1.0u.6115_B20201022 has a stack overflow vulnerability via setOpModeCfg.
network
low complexity
totolink CWE-787
critical
9.8
2023-12-11 CVE-2023-49418 Out-of-bounds Write vulnerability in Totolink A7000R Firmware 9.1.0U.6115B20201022
TOTOLink A7000R V9.1.0u.6115_B20201022has a stack overflow vulnerability via setIpPortFilterRules.
network
low complexity
totolink CWE-787
critical
9.8
2023-12-08 CVE-2023-6612 Unspecified vulnerability in Totolink X5000R Firmware 9.1.0Cu.2300B20230112
A vulnerability was found in Totolink X5000R 9.1.0cu.2300_B20230112.
network
low complexity
totolink
critical
9.8
2023-12-07 CVE-2023-48860 Unspecified vulnerability in Totolink N300Rt Firmware 3.2.4B20180730.0906
TOTOLINK N300RT version 3.2.4-B20180730.0906 has a post-authentication RCE due to incorrect access control, allows attackers can bypass front-end security restrictions and execute arbitrary code.
network
low complexity
totolink
critical
9.8
2023-12-06 CVE-2023-48859 Incorrect Authorization vulnerability in Totolink A3002Ru Firmware 2.0.0B20190902.1958
TOTOLINK A3002RU version 2.0.0-B20190902.1958 has a post-authentication RCE due to incorrect access control, allows attackers to bypass front-end security restrictions and execute arbitrary code.
network
low complexity
totolink CWE-863
8.8