Vulnerabilities > Totolink > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-12-30 | CVE-2023-51133 | Out-of-bounds Write vulnerability in Totolink X2000R Firmware 1.0.0B20230221.0948.Web TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formRoute. | 9.8 |
| 2023-12-30 | CVE-2023-51135 | Out-of-bounds Write vulnerability in Totolink X2000R Firmware 1.0.0B20230221.0948.Web TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formPasswordSetup. | 9.8 |
| 2023-12-30 | CVE-2023-51136 | Out-of-bounds Write vulnerability in Totolink X2000R Firmware 1.0.0B20230221.0948.Web TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formRebootSchedule. | 9.8 |
| 2023-12-25 | CVE-2023-7095 | Classic Buffer Overflow vulnerability in Totolink A7100Ru Firmware 7.4Cu.2313B20191024 A vulnerability, which was classified as critical, has been found in Totolink A7100RU 7.4cu.2313_B20191024. | 9.8 |
| 2023-12-22 | CVE-2023-50147 | OS Command Injection vulnerability in Totolink A3700R Firmware 9.1.2U.5822B20200513 There is an arbitrary command execution vulnerability in the setDiagnosisCfg function of the cstecgi .cgi of the TOTOlink A3700R router device in its firmware version V9.1.2u.5822_B20200513. | 9.8 |
| 2023-12-22 | CVE-2023-51011 | Unspecified vulnerability in Totolink Ex1800T Firmware 9.1.0Cu.2112B20220316 TOTOlink EX1800T v9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command execution in the lanPriDns parameter’ of the setLanConfig interface of the cstecgi .cgi | 9.8 |
| 2023-12-22 | CVE-2023-51012 | Unspecified vulnerability in Totolink Ex1800T Firmware 9.1.0Cu.2112B20220316 TOTOlink EX1800T v9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command execution in the lanGateway parameter’ of the setLanConfig interface of the cstecgi .cgi. | 9.8 |
| 2023-12-22 | CVE-2023-51013 | Unspecified vulnerability in Totolink Ex1800T Firmware 9.1.0Cu.2112B20220316 TOTOlink EX1800T v9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command execution in the lanNetmask parameter’ of the setLanConfig interface of the cstecgi .cgi. | 9.8 |
| 2023-12-22 | CVE-2023-51014 | Unspecified vulnerability in Totolink Ex1800T Firmware 9.1.0Cu.2112B20220316 TOTOLINK EX1800T V9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command execution in the lanSecDns parameter’ of the setLanConfig interface of the cstecgi .cgi | 9.8 |
| 2023-12-22 | CVE-2023-51015 | Unspecified vulnerability in Totolink Ex1800T Firmware 9.1.0Cu.2112B20220316 TOTOLINX EX1800T v9.1.0cu.2112_B20220316 is vulnerable to arbitrary command execution in the ‘enable parameter’ of the setDmzCfg interface of the cstecgi .cgi | 9.8 |