Vulnerabilities > Totolink
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-08-22 | CVE-2024-8079 | Classic Buffer Overflow vulnerability in Totolink T8 Firmware 4.1.5Cu.862B20230228 A vulnerability was found in TOTOLINK AC1200 T8 4.1.5cu.862_B20230228. | 9.8 |
| 2024-08-22 | CVE-2024-8075 | OS Command Injection vulnerability in Totolink T8 Firmware 4.1.5Cu.862B20230228 A vulnerability has been found in TOTOLINK AC1200 T8 4.1.5cu.862_B20230228 and classified as critical. | 9.8 |
| 2024-08-22 | CVE-2024-8076 | Classic Buffer Overflow vulnerability in Totolink T8 Firmware 4.1.5Cu.862B20230228 A vulnerability was found in TOTOLINK AC1200 T8 4.1.5cu.862_B20230228 and classified as critical. | 9.8 |
| 2024-08-22 | CVE-2024-8077 | OS Command Injection vulnerability in Totolink T8 Firmware 4.1.5Cu.862B20230228 A vulnerability was found in TOTOLINK AC1200 T8 4.1.5cu.862_B20230228. | 9.8 |
| 2024-08-18 | CVE-2024-7909 | Out-of-bounds Write vulnerability in Totolink Ex1200L Firmware 9.3.5U.6146B20201023 A vulnerability has been found in TOTOLINK EX1200L 9.3.5u.6146_B20201023 and classified as critical. | 9.8 |
| 2024-08-18 | CVE-2024-7908 | Out-of-bounds Write vulnerability in Totolink Ex1200L Firmware 9.3.5U.6146B20201023 A vulnerability, which was classified as critical, was found in TOTOLINK EX1200L 9.3.5u.6146_B20201023. | 9.8 |
| 2024-08-18 | CVE-2024-7907 | Command Injection vulnerability in Totolink X6000R Firmware 9.4.0Cu.852B20230719 A vulnerability, which was classified as critical, has been found in TOTOLINK X6000R 9.4.0cu.852_20230719. | 9.8 |
| 2024-08-15 | CVE-2024-42966 | Unspecified vulnerability in Totolink N350Rt Firmware 9.3.5U.6139B20201216 Incorrect access control in TOTOLINK N350RT V9.3.5u.6139_B20201216 allows attackers to obtain the apmib configuration file, which contains the username and the password, via a crafted request to /cgi-bin/ExportSettings.sh. | 9.8 |
| 2024-08-15 | CVE-2024-42967 | Unspecified vulnerability in Totolink Lr350 Firmware 9.3.5U.6369B20220309 Incorrect access control in TOTOLINK LR350 V9.3.5u.6369_B20220309 allows attackers to obtain the apmib configuration file, which contains the username and the password, via a crafted request to /cgi-bin/ExportSettings.sh. | 9.8 |
| 2024-08-13 | CVE-2024-42737 | OS Command Injection vulnerability in Totolink X5000R Firmware 9.1.0U.6369B20230113 In TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command injection vulnerability in delBlacklist. | 8.8 |