Vulnerabilities > Totolink > X5000R Firmware
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-02-04 | CVE-2021-45733 | Command Injection vulnerability in Totolink X5000R Firmware 9.1.0U.6118B20201102 TOTOLINK X5000R v9.1.0u.6118_B20201102 was discovered to contain a command injection vulnerability in the function NTPSyncWithHost. | 9.8 |
| 2022-02-04 | CVE-2021-45734 | Unspecified vulnerability in Totolink X5000R Firmware 9.1.0U.6118B20201102 TOTOLINK X5000R v9.1.0u.6118_B20201102 was discovered to contain a stack overflow in the function setUrlFilterRules. | 7.5 |
| 2022-02-04 | CVE-2021-45735 | Cleartext Transmission of Sensitive Information vulnerability in Totolink X5000R Firmware 9.1.0U.6118B20201102 TOTOLINK X5000R v9.1.0u.6118_B20201102 was discovered to use the HTTP protocol for authentication into the admin interface, allowing attackers to intercept user credentials via packet capture software. | 7.5 |
| 2022-02-04 | CVE-2021-45736 | Unspecified vulnerability in Totolink X5000R Firmware 9.1.0U.6118B20201102 TOTOLINK X5000R v9.1.0u.6118_B20201102 was discovered to contain a stack overflow in the function setL2tpServerCfg. | 7.5 |
| 2022-02-04 | CVE-2021-45738 | Command Injection vulnerability in Totolink X5000R Firmware 9.1.0U.6118B20201102 TOTOLINK X5000R v9.1.0u.6118_B20201102 was discovered to contain a command injection vulnerability in the function UploadFirmwareFile. | 9.8 |
| 2022-02-04 | CVE-2021-45741 | Unspecified vulnerability in Totolink X5000R Firmware 9.1.0U.6118B20201102 TOTOLINK X5000R v9.1.0u.6118_B20201102 was discovered to contain a stack overflow in the function setIpv6Cfg. | 7.5 |
| 2021-04-14 | CVE-2021-27710 | OS Command Injection vulnerability in Totolink A720R Firmware and X5000R Firmware Command Injection in TOTOLINK X5000R router with firmware v9.1.0u.6118_B20201102, and TOTOLINK A720R router with firmware v4.1.5cu.470_B20200911 allows remote attackers to execute arbitrary OS commands by sending a modified HTTP request. | 9.8 |
| 2021-04-14 | CVE-2021-27708 | OS Command Injection vulnerability in Totolink A720R Firmware and X5000R Firmware Command Injection in TOTOLINK X5000R router with firmware v9.1.0u.6118_B20201102, and TOTOLINK A720R router with firmware v4.1.5cu.470_B20200911 allows remote attackers to execute arbitrary OS commands by sending a modified HTTP request. | 9.8 |