Vulnerabilities > Totolink > X5000R Firmware > 9.1.0cu.2350.b20230313

DATE CVE VULNERABILITY TITLE RISK
2023-08-21 CVE-2023-39617 Command Injection vulnerability in Totolink X5000R Firmware 9.1.0Cu.2089B20211224/9.1.0Cu.2350B20230313
TOTOLINK X5000R_V9.1.0cu.2089_B20211224 and X5000R_V9.1.0cu.2350_B20230313 were discovered to contain a remote code execution (RCE) vulnerability via the lang parameter in the setLanguageCfg function.
network
low complexity
totolink CWE-77
critical
 9.8
9.8
2023-06-06 CVE-2023-31569 Command Injection vulnerability in Totolink X5000R Firmware 9.1.0Cu.2350B20230313
TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain a command injection via the setWanCfg function.
network
low complexity
totolink CWE-77
critical
 9.8
9.8