Vulnerabilities > Totolink

DATE CVE VULNERABILITY TITLE RISK
2024-08-13 CVE-2024-42739 OS Command Injection vulnerability in Totolink X5000R Firmware 9.1.0U.6369B20230113
In TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command injection vulnerability in setAccessDeviceCfg.
network
low complexity
totolink CWE-78
8.8
8.8
2024-08-12 CVE-2024-42741 OS Command Injection vulnerability in Totolink X5000R Firmware 9.1.0U.6369B20230113
In TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command injection vulnerability in setL2tpServerCfg.
network
low complexity
totolink CWE-78
8.8
8.8
2024-08-12 CVE-2024-42742 OS Command Injection vulnerability in Totolink X5000R Firmware 9.1.0U.6369B20230113
In TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command injection vulnerability in setUrlFilterRules.
network
low complexity
totolink CWE-78
8.8
8.8
2024-08-12 CVE-2024-42743 OS Command Injection vulnerability in Totolink X5000R Firmware 9.1.0U.6369B20230113
In TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command injection vulnerability in setSyslogCfg .
network
low complexity
totolink CWE-78
8.8
8.8
2024-08-12 CVE-2024-42744 OS Command Injection vulnerability in Totolink X5000R Firmware 9.1.0U.6369B20230113
In TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command injection vulnerability in setModifyVpnUser.
network
low complexity
totolink CWE-78
8.8
8.8
2024-08-12 CVE-2024-42745 OS Command Injection vulnerability in Totolink X5000R Firmware 9.1.0U.6369B20230113
In TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command injection vulnerability in setUPnPCfg.
network
low complexity
totolink CWE-78
8.8
8.8
2024-08-12 CVE-2024-42747 OS Command Injection vulnerability in Totolink X5000R Firmware 9.1.0U.6369B20230113
In TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command injection vulnerability in setWanIeCfg.
network
low complexity
totolink CWE-78
8.8
8.8
2024-08-12 CVE-2024-42748 OS Command Injection vulnerability in Totolink X5000R Firmware 9.1.0U.6369B20230113
In TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command injection vulnerability in setWiFiWpsCfg.
network
low complexity
totolink CWE-78
8.8
8.8
2024-08-12 CVE-2024-42546 Classic Buffer Overflow vulnerability in Totolink A3100R Firmware 4.1.2Cu.5050B20200504
TOTOLINK A3100R V4.1.2cu.5050_B20200504 has a buffer overflow vulnerability in the password parameter in the loginauth function.
network
low complexity
totolink CWE-120
critical
 9.8
9.8
2024-08-12 CVE-2024-42547 Classic Buffer Overflow vulnerability in Totolink A3100R Firmware 4.1.2Cu.5050B20200504
TOTOLINK A3100R V4.1.2cu.5050_B20200504 has a buffer overflow vulnerability in the http_host parameter in the loginauth function.
network
low complexity
totolink CWE-120
critical
 9.8
9.8