Vulnerabilities > Totolink

DATE CVE VULNERABILITY TITLE RISK
2024-08-22 CVE-2024-8075 OS Command Injection vulnerability in Totolink T8 Firmware 4.1.5Cu.862B20230228
A vulnerability has been found in TOTOLINK AC1200 T8 4.1.5cu.862_B20230228 and classified as critical.
network
low complexity
totolink CWE-78
critical
9.8
2024-08-22 CVE-2024-8076 Classic Buffer Overflow vulnerability in Totolink T8 Firmware 4.1.5Cu.862B20230228
A vulnerability was found in TOTOLINK AC1200 T8 4.1.5cu.862_B20230228 and classified as critical.
network
low complexity
totolink CWE-120
critical
9.8
2024-08-22 CVE-2024-8077 OS Command Injection vulnerability in Totolink T8 Firmware 4.1.5Cu.862B20230228
A vulnerability was found in TOTOLINK AC1200 T8 4.1.5cu.862_B20230228.
network
low complexity
totolink CWE-78
critical
9.8
2024-08-18 CVE-2024-7909 Out-of-bounds Write vulnerability in Totolink Ex1200L Firmware 9.3.5U.6146B20201023
A vulnerability has been found in TOTOLINK EX1200L 9.3.5u.6146_B20201023 and classified as critical.
network
low complexity
totolink CWE-787
critical
9.8
2024-08-18 CVE-2024-7908 Out-of-bounds Write vulnerability in Totolink Ex1200L Firmware 9.3.5U.6146B20201023
A vulnerability, which was classified as critical, was found in TOTOLINK EX1200L 9.3.5u.6146_B20201023.
network
low complexity
totolink CWE-787
critical
9.8
2024-08-18 CVE-2024-7907 Command Injection vulnerability in Totolink X6000R Firmware 9.4.0Cu.852B20230719
A vulnerability, which was classified as critical, has been found in TOTOLINK X6000R 9.4.0cu.852_20230719.
network
low complexity
totolink CWE-77
critical
9.8
2024-08-15 CVE-2024-42966 Unspecified vulnerability in Totolink N350Rt Firmware 9.3.5U.6139B20201216
Incorrect access control in TOTOLINK N350RT V9.3.5u.6139_B20201216 allows attackers to obtain the apmib configuration file, which contains the username and the password, via a crafted request to /cgi-bin/ExportSettings.sh.
network
low complexity
totolink
critical
9.8
2024-08-15 CVE-2024-42967 Unspecified vulnerability in Totolink Lr350 Firmware 9.3.5U.6369B20220309
Incorrect access control in TOTOLINK LR350 V9.3.5u.6369_B20220309 allows attackers to obtain the apmib configuration file, which contains the username and the password, via a crafted request to /cgi-bin/ExportSettings.sh.
network
low complexity
totolink
critical
9.8
2024-08-13 CVE-2024-42737 OS Command Injection vulnerability in Totolink X5000R Firmware 9.1.0U.6369B20230113
In TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command injection vulnerability in delBlacklist.
network
low complexity
totolink CWE-78
8.8
2024-08-13 CVE-2024-42738 OS Command Injection vulnerability in Totolink X5000R Firmware 9.1.0U.6369B20230113
In TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command injection vulnerability in setDmzCfg.
network
low complexity
totolink CWE-78
8.8