Vulnerabilities > Totolink > X6000R Firmware > 9.4.0cu.652.b20230116

DATE CVE VULNERABILITY TITLE RISK
2023-12-01 CVE-2023-43453 Command Injection vulnerability in Totolink X6000R Firmware 9.4.0Cu.652B20230116/9.4.0Cu.852B20230719
An issue in TOTOLINK X6000R V9.4.0cu.652_B20230116 and V9.4.0cu.852_B20230719 allows a remote attacker to execute arbitrary code via the IP parameter of the setDiagnosisCfg component.
network
low complexity
totolink CWE-77
critical
 9.8
9.8
2023-12-01 CVE-2023-43454 Command Injection vulnerability in Totolink X6000R Firmware 9.4.0Cu.652B20230116/9.4.0Cu.852B20230719
An issue in TOTOLINK X6000R V9.4.0cu.652_B20230116 and V9.4.0cu.852_B20230719 allows a remote attacker to execute arbitrary code via the hostName parameter of the switchOpMode component.
network
low complexity
totolink CWE-77
critical
 9.8
9.8
2023-12-01 CVE-2023-43455 Command Injection vulnerability in Totolink X6000R Firmware 9.4.0Cu.652B20230116/9.4.0Cu.852B20230719
An issue in TOTOLINK X6000R V9.4.0cu.652_B20230116 and V9.4.0cu.852_B20230719 allows a remote attacker to execute arbitrary code via the command parameter of the setting/setTracerouteCfg component.
network
low complexity
totolink CWE-77
critical
 9.8
9.8
2023-10-25 CVE-2023-46408 Command Injection vulnerability in Totolink X6000R Firmware 9.4.0Cu.652B20230116
TOTOLINK X6000R v9.4.0cu.652_B20230116 was discovered to contain a command execution vulnerability via the sub_ The 41DD80 function.
network
low complexity
totolink CWE-77
critical
 9.8
9.8
2023-10-25 CVE-2023-46409 Command Injection vulnerability in Totolink X6000R Firmware 9.4.0Cu.652B20230116
TOTOLINK X6000R v9.4.0cu.652_B20230116 was discovered to contain a command execution vulnerability via the sub_ 41CC04 function.
network
low complexity
totolink CWE-77
critical
 9.8
9.8
2023-10-25 CVE-2023-46410 Command Injection vulnerability in Totolink X6000R Firmware 9.4.0Cu.652B20230116
TOTOLINK X6000R v9.4.0cu.652_B20230116 was discovered to contain a command execution vulnerability via the sub_ The 416F60 function.
network
low complexity
totolink CWE-77
critical
 9.8
9.8
2023-10-25 CVE-2023-46411 Command Injection vulnerability in Totolink X6000R Firmware 9.4.0Cu.652B20230116
TOTOLINK X6000R v9.4.0cu.652_B20230116 was discovered to contain a command execution vulnerability via the sub_415258 function.
network
low complexity
totolink CWE-77
critical
 9.8
9.8
2023-10-25 CVE-2023-46412 Command Injection vulnerability in Totolink X6000R Firmware 9.4.0Cu.652B20230116
TOTOLINK X6000R v9.4.0cu.652_B20230116 was discovered to contain a command execution vulnerability via the sub_41D998 function.
network
low complexity
totolink CWE-77
critical
 9.8
9.8
2023-10-25 CVE-2023-46413 Command Injection vulnerability in Totolink X6000R Firmware 9.4.0Cu.652B20230116
TOTOLINK X6000R v9.4.0cu.652_B20230116 was discovered to contain a command execution vulnerability via the sub_4155DC function.
network
low complexity
totolink CWE-77
critical
 9.8
9.8
2023-10-25 CVE-2023-46414 Command Injection vulnerability in Totolink X6000R Firmware 9.4.0Cu.652B20230116
TOTOLINK X6000R v9.4.0cu.652_B20230116 was discovered to contain a remote command execution (RCE) vulnerability via the sub_ 41D494 function.
network
low complexity
totolink CWE-77
critical
 9.8
9.8