Vulnerabilities > Totolink > X2000R Firmware > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-03-20 | CVE-2024-29419 | Cross-site Scripting vulnerability in Totolink X2000R Firmware 1.0.0B20221212.1452/1.0.0B20230221.0948/1.0.0B20230221.0948.Web There is a Cross-site scripting (XSS) vulnerability in the Wireless settings under the Easy Setup Page of TOTOLINK X2000R before v1.0.0-B20231213.1013. | 5.4 |
| 2024-03-15 | CVE-2024-28401 | Cross-site Scripting vulnerability in Totolink X2000R Firmware 1.0.0B20221212.1452/1.0.0B20230221.0948/1.0.0B20230221.0948.Web TOTOLINK X2000R before v1.0.0-B20231213.1013 contains a Store Cross-site scripting (XSS) vulnerability in Root Access Control under the Wireless Page. | 5.4 |
| 2024-03-15 | CVE-2024-28403 | Cross-site Scripting vulnerability in Totolink X2000R Firmware 1.0.0B20221212.1452/1.0.0B20230221.0948/1.0.0B20230221.0948.Web TOTOLINK X2000R before V1.0.0-B20231213.1013 is vulnerable to Cross Site Scripting (XSS) via the VPN Page. | 5.4 |