Vulnerabilities > Totolink > High

DATE CVE VULNERABILITY TITLE RISK
2024-09-08 CVE-2024-8573 Classic Buffer Overflow vulnerability in Totolink T10 Firmware and T8 Firmware
A vulnerability, which was classified as critical, was found in TOTOLINK AC1200 T8 and AC1200 T10 4.1.5cu.861_B20230220/4.1.8cu.5207.
network
low complexity
totolink CWE-120
8.8
8.8
2024-08-13 CVE-2024-42737 OS Command Injection vulnerability in Totolink X5000R Firmware 9.1.0U.6369B20230113
In TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command injection vulnerability in delBlacklist.
network
low complexity
totolink CWE-78
8.8
8.8
2024-08-13 CVE-2024-42738 OS Command Injection vulnerability in Totolink X5000R Firmware 9.1.0U.6369B20230113
In TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command injection vulnerability in setDmzCfg.
network
low complexity
totolink CWE-78
8.8
8.8
2024-08-13 CVE-2024-42739 OS Command Injection vulnerability in Totolink X5000R Firmware 9.1.0U.6369B20230113
In TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command injection vulnerability in setAccessDeviceCfg.
network
low complexity
totolink CWE-78
8.8
8.8
2024-08-12 CVE-2024-42741 OS Command Injection vulnerability in Totolink X5000R Firmware 9.1.0U.6369B20230113
In TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command injection vulnerability in setL2tpServerCfg.
network
low complexity
totolink CWE-78
8.8
8.8
2024-08-12 CVE-2024-42742 OS Command Injection vulnerability in Totolink X5000R Firmware 9.1.0U.6369B20230113
In TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command injection vulnerability in setUrlFilterRules.
network
low complexity
totolink CWE-78
8.8
8.8
2024-08-12 CVE-2024-42743 OS Command Injection vulnerability in Totolink X5000R Firmware 9.1.0U.6369B20230113
In TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command injection vulnerability in setSyslogCfg .
network
low complexity
totolink CWE-78
8.8
8.8
2024-08-12 CVE-2024-42744 OS Command Injection vulnerability in Totolink X5000R Firmware 9.1.0U.6369B20230113
In TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command injection vulnerability in setModifyVpnUser.
network
low complexity
totolink CWE-78
8.8
8.8
2024-08-12 CVE-2024-42745 OS Command Injection vulnerability in Totolink X5000R Firmware 9.1.0U.6369B20230113
In TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command injection vulnerability in setUPnPCfg.
network
low complexity
totolink CWE-78
8.8
8.8
2024-08-12 CVE-2024-42747 OS Command Injection vulnerability in Totolink X5000R Firmware 9.1.0U.6369B20230113
In TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command injection vulnerability in setWanIeCfg.
network
low complexity
totolink CWE-78
8.8
8.8