Vulnerabilities > Totolink > Critical

DATE CVE VULNERABILITY TITLE RISK
2023-10-25 CVE-2023-46418 Command Injection vulnerability in Totolink X6000R Firmware 9.4.0Cu.652B20230116
TOTOLINK X6000R v9.4.0cu.652_B20230116 was discovered to contain a remote command execution (RCE) vulnerability via the sub_412688 function.
network
low complexity
totolink CWE-77
critical
 9.8
9.8
2023-10-25 CVE-2023-46419 Command Injection vulnerability in Totolink X6000R Firmware 9.4.0Cu.652B20230116
TOTOLINK X6000R v9.4.0cu.652_B20230116 was discovered to contain a remote command execution (RCE) vulnerability via the sub_415730 function.
network
low complexity
totolink CWE-77
critical
 9.8
9.8
2023-10-25 CVE-2023-46420 Command Injection vulnerability in Totolink X6000R Firmware 9.4.0Cu.652B20230116
TOTOLINK X6000R v9.4.0cu.652_B20230116 was discovered to contain a remote command execution (RCE) vulnerability via the sub_41590C function.
network
low complexity
totolink CWE-77
critical
 9.8
9.8
2023-10-25 CVE-2023-46421 Command Injection vulnerability in Totolink X6000R Firmware 9.4.0Cu.652B20230116
TOTOLINK X6000R v9.4.0cu.652_B20230116 was discovered to contain a remote command execution (RCE) vulnerability via the sub_411D00 function.
network
low complexity
totolink CWE-77
critical
 9.8
9.8
2023-10-25 CVE-2023-46422 Command Injection vulnerability in Totolink X6000R Firmware 9.4.0Cu.652B20230116
TOTOLINK X6000R v9.4.0cu.652_B20230116 was discovered to contain a remote command execution (RCE) vulnerability via the sub_411994 function.
network
low complexity
totolink CWE-77
critical
 9.8
9.8
2023-10-25 CVE-2023-46423 Command Injection vulnerability in Totolink X6000R Firmware 9.4.0Cu.652B20230116
TOTOLINK X6000R v9.4.0cu.652_B20230116 was discovered to contain a remote command execution (RCE) vulnerability via the sub_417094 function.
network
low complexity
totolink CWE-77
critical
 9.8
9.8
2023-10-25 CVE-2023-46424 Command Injection vulnerability in Totolink X6000R Firmware 9.4.0Cu.652B20230116
TOTOLINK X6000R v9.4.0cu.652_B20230116 was discovered to contain a remote command execution (RCE) vulnerability via the sub_422BD4 function.
network
low complexity
totolink CWE-77
critical
 9.8
9.8
2023-10-25 CVE-2023-46540 Out-of-bounds Write vulnerability in Totolink X2000R Firmware 1.0.0B20230221.0948
TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formNtp.
network
low complexity
totolink CWE-787
critical
 9.8
9.8
2023-10-25 CVE-2023-46541 Out-of-bounds Write vulnerability in Totolink X2000R Firmware 1.0.0B20230221.0948
TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formIpv6Setup.
network
low complexity
totolink CWE-787
critical
 9.8
9.8
2023-10-25 CVE-2023-46542 Out-of-bounds Write vulnerability in Totolink X2000R Firmware 1.0.0B20230221.0948
TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formMeshUploadConfig.
network
low complexity
totolink CWE-787
critical
 9.8
9.8