Vulnerabilities > Totolink > X2000R Firmware > 1.0.0.b20230221.0948

DATE CVE VULNERABILITY TITLE RISK
2024-03-20 CVE-2024-29419 Cross-site Scripting vulnerability in Totolink X2000R Firmware 1.0.0B20221212.1452/1.0.0B20230221.0948/1.0.0B20230221.0948.Web
There is a Cross-site scripting (XSS) vulnerability in the Wireless settings under the Easy Setup Page of TOTOLINK X2000R before v1.0.0-B20231213.1013.
network
low complexity
totolink CWE-79
5.4
5.4
2024-03-15 CVE-2024-28401 Cross-site Scripting vulnerability in Totolink X2000R Firmware 1.0.0B20221212.1452/1.0.0B20230221.0948/1.0.0B20230221.0948.Web
TOTOLINK X2000R before v1.0.0-B20231213.1013 contains a Store Cross-site scripting (XSS) vulnerability in Root Access Control under the Wireless Page.
network
low complexity
totolink CWE-79
5.4
5.4
2024-03-15 CVE-2024-28403 Cross-site Scripting vulnerability in Totolink X2000R Firmware 1.0.0B20221212.1452/1.0.0B20230221.0948/1.0.0B20230221.0948.Web
TOTOLINK X2000R before V1.0.0-B20231213.1013 is vulnerable to Cross Site Scripting (XSS) via the VPN Page.
network
low complexity
totolink CWE-79
5.4
5.4
2023-10-25 CVE-2023-46540 Out-of-bounds Write vulnerability in Totolink X2000R Firmware 1.0.0B20230221.0948
TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formNtp.
network
low complexity
totolink CWE-787
critical
 9.8
9.8
2023-10-25 CVE-2023-46541 Out-of-bounds Write vulnerability in Totolink X2000R Firmware 1.0.0B20230221.0948
TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formIpv6Setup.
network
low complexity
totolink CWE-787
critical
 9.8
9.8
2023-10-25 CVE-2023-46542 Out-of-bounds Write vulnerability in Totolink X2000R Firmware 1.0.0B20230221.0948
TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formMeshUploadConfig.
network
low complexity
totolink CWE-787
critical
 9.8
9.8
2023-10-25 CVE-2023-46543 Out-of-bounds Write vulnerability in Totolink X2000R Firmware 1.0.0B20230221.0948
TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formWlSiteSurvey.
network
low complexity
totolink CWE-787
critical
 9.8
9.8
2023-10-25 CVE-2023-46544 Out-of-bounds Write vulnerability in Totolink X2000R Firmware 1.0.0B20230221.0948
TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formWirelessTbl.
network
low complexity
totolink CWE-787
critical
 9.8
9.8
2023-10-25 CVE-2023-46545 Out-of-bounds Write vulnerability in Totolink X2000R Firmware 1.0.0B20230221.0948
TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formWsc.
network
low complexity
totolink CWE-787
critical
 9.8
9.8
2023-10-25 CVE-2023-46546 Out-of-bounds Write vulnerability in Totolink X2000R Firmware 1.0.0B20230221.0948
TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formStats.
network
low complexity
totolink CWE-787
critical
 9.8
9.8