Vulnerabilities > Totolink
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-08-18 | CVE-2024-7909 | Out-of-bounds Write vulnerability in Totolink Ex1200L Firmware 9.3.5U.6146B20201023 A vulnerability has been found in TOTOLINK EX1200L 9.3.5u.6146_B20201023 and classified as critical. | 9.8 |
| 2024-08-18 | CVE-2024-7908 | Out-of-bounds Write vulnerability in Totolink Ex1200L Firmware 9.3.5U.6146B20201023 A vulnerability, which was classified as critical, was found in TOTOLINK EX1200L 9.3.5u.6146_B20201023. | 9.8 |
| 2024-08-18 | CVE-2024-7907 | Command Injection vulnerability in Totolink X6000R Firmware 9.4.0Cu.852B20230719 A vulnerability, which was classified as critical, has been found in TOTOLINK X6000R 9.4.0cu.852_20230719. | 9.8 |
| 2024-08-15 | CVE-2024-42966 | Unspecified vulnerability in Totolink N350Rt Firmware 9.3.5U.6139B20201216 Incorrect access control in TOTOLINK N350RT V9.3.5u.6139_B20201216 allows attackers to obtain the apmib configuration file, which contains the username and the password, via a crafted request to /cgi-bin/ExportSettings.sh. | 9.8 |
| 2024-08-15 | CVE-2024-42967 | Unspecified vulnerability in Totolink Lr350 Firmware 9.3.5U.6369B20220309 Incorrect access control in TOTOLINK LR350 V9.3.5u.6369_B20220309 allows attackers to obtain the apmib configuration file, which contains the username and the password, via a crafted request to /cgi-bin/ExportSettings.sh. | 9.8 |
| 2024-08-13 | CVE-2024-42737 | OS Command Injection vulnerability in Totolink X5000R Firmware 9.1.0U.6369B20230113 In TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command injection vulnerability in delBlacklist. | 8.8 |
| 2024-08-13 | CVE-2024-42738 | OS Command Injection vulnerability in Totolink X5000R Firmware 9.1.0U.6369B20230113 In TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command injection vulnerability in setDmzCfg. | 8.8 |
| 2024-08-13 | CVE-2024-42739 | OS Command Injection vulnerability in Totolink X5000R Firmware 9.1.0U.6369B20230113 In TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command injection vulnerability in setAccessDeviceCfg. | 8.8 |
| 2024-08-12 | CVE-2024-42741 | OS Command Injection vulnerability in Totolink X5000R Firmware 9.1.0U.6369B20230113 In TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command injection vulnerability in setL2tpServerCfg. | 8.8 |
| 2024-08-12 | CVE-2024-42742 | OS Command Injection vulnerability in Totolink X5000R Firmware 9.1.0U.6369B20230113 In TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command injection vulnerability in setUrlFilterRules. | 8.8 |