Vulnerabilities > Totolink > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-12-22 | CVE-2023-51019 | Unspecified vulnerability in Totolink Ex1800T Firmware 9.1.0Cu.2112B20220316 TOTOlink EX1800T v9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command execution in the ‘key5g’ parameter of the setWiFiExtenderConfig interface of the cstecgi .cgi. | 9.8 |
| 2023-12-22 | CVE-2023-51020 | Unspecified vulnerability in Totolink Ex1800T Firmware 9.1.0Cu.2112B20220316 TOTOlink EX1800T v9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command execution in the ‘langType’ parameter of the setLanguageCfg interface of the cstecgi .cgi. | 9.8 |
| 2023-12-22 | CVE-2023-51021 | Unspecified vulnerability in Totolink Ex1800T Firmware 9.1.0Cu.2112B20220316 TOTOlink EX1800T v9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command execution in the ‘merge’ parameter of the setRptWizardCfg interface of the cstecgi .cgi. | 9.8 |
| 2023-12-22 | CVE-2023-51022 | Unspecified vulnerability in Totolink Ex1800T Firmware 9.1.0Cu.2112B20220316 TOTOlink EX1800T v9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command execution in the ‘langFlag’ parameter of the setLanguageCfg interface of the cstecgi .cgi. | 9.8 |
| 2023-12-22 | CVE-2023-51033 | OS Command Injection vulnerability in Totolink Ex1200L Firmware 9.3.5U.6146B20201023 TOTOlink EX1200L V9.3.5u.6146_B20201023 is vulnerable to arbitrary command execution via the cstecgi.cgi setOpModeCfg interface. | 9.8 |
| 2023-12-22 | CVE-2023-51034 | Unrestricted Upload of File with Dangerous Type vulnerability in Totolink Ex1200L Firmware 9.3.5U.6146B20201023 TOTOlink EX1200L V9.3.5u.6146_B20201023 is vulnerable to arbitrary command execution via the cstecgi.cgi UploadFirmwareFile interface. | 9.8 |
| 2023-12-22 | CVE-2023-51035 | OS Command Injection vulnerability in Totolink Ex1200L Firmware 9.3.5U.6146B20201023 TOTOLINK EX1200L V9.3.5u.6146_B20201023 is vulnerable to arbitrary command execution on the cstecgi.cgi NTPSyncWithHost interface. | 9.8 |
| 2023-12-22 | CVE-2023-51023 | Unspecified vulnerability in Totolink Ex1800T Firmware 9.1.0Cu.2112B20220316 TOTOlink EX1800T v9.1.0cu.2112_B20220316 is vulnerable to arbitrary command execution in the ‘host_time’ parameter of the NTPSyncWithHost interface of the cstecgi .cgi. | 9.8 |
| 2023-12-22 | CVE-2023-51024 | Unspecified vulnerability in Totolink Ex1800T Firmware 9.1.0Cu.2112B20220316 TOTOlink EX1800T v9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command execution in the ‘tz’ parameter of the setNtpCfg interface of the cstecgi .cgi. | 9.8 |
| 2023-12-22 | CVE-2023-51025 | Unspecified vulnerability in Totolink Ex1800T Firmware 9.1.0Cu.2112B20220316 TOTOlink EX1800T V9.1.0cu.2112_B20220316 is vulnerable to an unauthorized arbitrary command execution in the ‘admuser’ parameter of the setPasswordCfg interface of the cstecgi .cgi. | 9.8 |