Vulnerabilities > Totolink > X5000R Firmware

DATE CVE VULNERABILITY TITLE RISK
2025-01-15 CVE-2024-57021 OS Command Injection vulnerability in Totolink X5000R Firmware 9.1.0Cu.2350B20230313
TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain an OS command injection vulnerability via the "eHour" parameter in setWiFiScheduleCfg.
network
low complexity
totolink CWE-78
8.8
8.8
2025-01-15 CVE-2024-57022 OS Command Injection vulnerability in Totolink X5000R Firmware 9.1.0Cu.2350B20230313
TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain an OS command injection vulnerability via the "sHour" parameter in setWiFiScheduleCfg.
network
low complexity
totolink CWE-78
8.8
8.8
2024-08-13 CVE-2024-42737 OS Command Injection vulnerability in Totolink X5000R Firmware 9.1.0U.6369B20230113
In TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command injection vulnerability in delBlacklist.
network
low complexity
totolink CWE-78
8.8
8.8
2024-08-13 CVE-2024-42738 OS Command Injection vulnerability in Totolink X5000R Firmware 9.1.0U.6369B20230113
In TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command injection vulnerability in setDmzCfg.
network
low complexity
totolink CWE-78
8.8
8.8
2024-08-13 CVE-2024-42739 OS Command Injection vulnerability in Totolink X5000R Firmware 9.1.0U.6369B20230113
In TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command injection vulnerability in setAccessDeviceCfg.
network
low complexity
totolink CWE-78
8.8
8.8
2024-08-12 CVE-2024-42741 OS Command Injection vulnerability in Totolink X5000R Firmware 9.1.0U.6369B20230113
In TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command injection vulnerability in setL2tpServerCfg.
network
low complexity
totolink CWE-78
8.8
8.8
2024-08-12 CVE-2024-42742 OS Command Injection vulnerability in Totolink X5000R Firmware 9.1.0U.6369B20230113
In TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command injection vulnerability in setUrlFilterRules.
network
low complexity
totolink CWE-78
8.8
8.8
2024-08-12 CVE-2024-42743 OS Command Injection vulnerability in Totolink X5000R Firmware 9.1.0U.6369B20230113
In TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command injection vulnerability in setSyslogCfg .
network
low complexity
totolink CWE-78
8.8
8.8
2024-08-12 CVE-2024-42744 OS Command Injection vulnerability in Totolink X5000R Firmware 9.1.0U.6369B20230113
In TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command injection vulnerability in setModifyVpnUser.
network
low complexity
totolink CWE-78
8.8
8.8
2024-08-12 CVE-2024-42745 OS Command Injection vulnerability in Totolink X5000R Firmware 9.1.0U.6369B20230113
In TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command injection vulnerability in setUPnPCfg.
network
low complexity
totolink CWE-78
8.8
8.8