Vulnerabilities > Totolink > X5000R Firmware > High

DATE CVE VULNERABILITY TITLE RISK
2024-02-17 CVE-2024-25468 OS Command Injection vulnerability in Totolink X5000R Firmware 9.1.0U.6369B20230113
An issue in TOTOLINK X5000R V.9.1.0u.6369_B20230113 allows a remote attacker to cause a denial of service via the host_time parameter of the NTPSyncWithHost component.
network
low complexity
totolink CWE-78
7.5
2023-10-16 CVE-2023-45985 Out-of-bounds Write vulnerability in Totolink A7000R Firmware and X5000R Firmware
TOTOLINK X5000R V9.1.0u.6118_B20201102 and TOTOLINK A7000R V9.1.0u.6115_B20201022 were discovered to contain a stack overflow in the function setParentalRules.
network
low complexity
totolink CWE-787
7.5
2023-05-31 CVE-2023-33485 Out-of-bounds Write vulnerability in Totolink X5000R Firmware 9.1.0U.6118B20201102/9.1.0U.6369B20230113
TOTOLINK X5000R V9.1.0u.6118_B20201102 and V9.1.0u.6369_B20230113 contains a post-authentication buffer overflow via parameter sPort/ePort in the addEffect function.
network
low complexity
totolink CWE-787
8.8
2022-02-04 CVE-2021-45734 Unspecified vulnerability in Totolink X5000R Firmware 9.1.0U.6118B20201102
TOTOLINK X5000R v9.1.0u.6118_B20201102 was discovered to contain a stack overflow in the function setUrlFilterRules.
network
low complexity
totolink
7.5
2022-02-04 CVE-2021-45735 Cleartext Transmission of Sensitive Information vulnerability in Totolink X5000R Firmware 9.1.0U.6118B20201102
TOTOLINK X5000R v9.1.0u.6118_B20201102 was discovered to use the HTTP protocol for authentication into the admin interface, allowing attackers to intercept user credentials via packet capture software.
network
low complexity
totolink CWE-319
7.5
2022-02-04 CVE-2021-45736 Unspecified vulnerability in Totolink X5000R Firmware 9.1.0U.6118B20201102
TOTOLINK X5000R v9.1.0u.6118_B20201102 was discovered to contain a stack overflow in the function setL2tpServerCfg.
network
low complexity
totolink
7.5
2022-02-04 CVE-2021-45741 Unspecified vulnerability in Totolink X5000R Firmware 9.1.0U.6118B20201102
TOTOLINK X5000R v9.1.0u.6118_B20201102 was discovered to contain a stack overflow in the function setIpv6Cfg.
network
low complexity
totolink
7.5