Vulnerabilities > Totolink > High

DATE CVE VULNERABILITY TITLE RISK
2025-01-15 CVE-2024-57018 OS Command Injection vulnerability in Totolink X5000R Firmware 9.1.0Cu.2350B20230313
TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain an OS command injection vulnerability via the "desc" parameter in setVpnAccountCfg.
network
low complexity
totolink CWE-78
8.8
8.8
2025-01-15 CVE-2024-57019 OS Command Injection vulnerability in Totolink X5000R Firmware 9.1.0Cu.2350B20230313
TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain an OS command injection vulnerability via the "limit" parameter in setVpnAccountCfg.
network
low complexity
totolink CWE-78
8.8
8.8
2025-01-15 CVE-2024-57020 OS Command Injection vulnerability in Totolink X5000R Firmware 9.1.0Cu.2350B20230313
TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain an OS command injection vulnerability via the "sMinute" parameter in setWiFiScheduleCfg.
network
low complexity
totolink CWE-78
8.8
8.8
2025-01-15 CVE-2024-57021 OS Command Injection vulnerability in Totolink X5000R Firmware 9.1.0Cu.2350B20230313
TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain an OS command injection vulnerability via the "eHour" parameter in setWiFiScheduleCfg.
network
low complexity
totolink CWE-78
8.8
8.8
2025-01-15 CVE-2024-57022 OS Command Injection vulnerability in Totolink X5000R Firmware 9.1.0Cu.2350B20230313
TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain an OS command injection vulnerability via the "sHour" parameter in setWiFiScheduleCfg.
network
low complexity
totolink CWE-78
8.8
8.8
2024-11-07 CVE-2024-10966 Unspecified vulnerability in Totolink X18 Firmware 9.1.0Cu.2024B20220329
A vulnerability, which was classified as critical, has been found in TOTOLINK X18 9.1.0cu.2024_B20220329.
network
low complexity
totolink
8.8
8.8
2024-09-19 CVE-2024-9001 OS Command Injection vulnerability in Totolink T10 Firmware 4.1.8Cu.5207
A vulnerability was found in TOTOLINK T10 4.1.8cu.5207.
network
low complexity
totolink CWE-78
8.8
8.8
2024-09-16 CVE-2024-46424 Classic Buffer Overflow vulnerability in Totolink T8 Firmware 4.1.5Cu.861B20230220
TOTOLINK AC1200 T8 v4.1.5cu.861_B20230220 has a buffer overflow vulnerability in the UploadCustomModule function, which allows attackers to cause a Denial of Service (DoS) via the File parameter.
network
low complexity
totolink CWE-120
7.5
7.5
2024-09-15 CVE-2024-8869 OS Command Injection vulnerability in Totolink A720R Firmware 4.1.5
A vulnerability classified as critical has been found in TOTOLINK A720R 4.1.5.
network
high complexity
totolink CWE-78
8.1
8.1
2024-09-08 CVE-2024-8580 Use of Hard-coded Password vulnerability in Totolink T8 Firmware 4.1.5Cu.861B20230220
A vulnerability classified as critical was found in TOTOLINK AC1200 T8 4.1.5cu.861_B20230220.
network
high complexity
totolink CWE-259
8.1
8.1