Filtered by vendor Totolink
Subscriptions
Total
640 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-51016 | 1 Totolink | 2 Ex1800t, Ex1800t Firmware | 2024-08-02 | 9.8 Critical |
| TOTOlink EX1800T v9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command execution in the setRebootScheCfg interface of the cstecgi .cgi. | ||||
| CVE-2023-51011 | 1 Totolink | 2 Ex1800t, Ex1800t Firmware | 2024-08-02 | 9.8 Critical |
| TOTOlink EX1800T v9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command execution in the lanPriDns parameter’ of the setLanConfig interface of the cstecgi .cgi | ||||
| CVE-2023-50651 | 1 Totolink | 2 X6000r, X6000r Firmware | 2024-08-02 | 9.8 Critical |
| TOTOLINK X6000R v9.4.0cu.852_B20230719 was discovered to contain a remote command execution (RCE) vulnerability via the component /cgi-bin/cstecgi.cgi. | ||||
| CVE-2023-49418 | 1 Totolink | 2 A7000r, A7000r Firmware | 2024-08-02 | 9.8 Critical |
| TOTOLink A7000R V9.1.0u.6115_B20201022has a stack overflow vulnerability via setIpPortFilterRules. | ||||
| CVE-2023-49417 | 1 Totolink | 2 A7000r, A7000r Firmware | 2024-08-02 | 9.8 Critical |
| TOTOLink A7000R V9.1.0u.6115_B20201022 has a stack overflow vulnerability via setOpModeCfg. | ||||
| CVE-2023-48860 | 1 Totolink | 2 N300rt, N300rt Firmware | 2024-08-02 | 9.8 Critical |
| TOTOLINK N300RT version 3.2.4-B20180730.0906 has a post-authentication RCE due to incorrect access control, allows attackers can bypass front-end security restrictions and execute arbitrary code. | ||||
| CVE-2023-48859 | 1 Totolink | 2 A3002ru, A3002ru Firmware | 2024-08-02 | 8.8 High |
| TOTOLINK A3002RU version 2.0.0-B20190902.1958 has a post-authentication RCE due to incorrect access control, allows attackers to bypass front-end security restrictions and execute arbitrary code. | ||||
| CVE-2023-48803 | 1 Totolink | 2 X6000r, X6000r Firmware | 2024-08-02 | 9.8 Critical |
| In TOTOLINK X6000R V9.4.0cu.852_B20230719, the shttpd file, sub_4119A0 function obtains fields from the front-end through Uci_ Set_ The Str function when passed to the CsteSystem function creates a command execution vulnerability. | ||||
| CVE-2023-48811 | 1 Totolink | 2 X6000r, X6000r Firmware | 2024-08-02 | 9.8 Critical |
| In TOTOLINK X6000R V9.4.0cu.852_B20230719, the shttpd file, sub_4119A0 function obtains fields from the front-end through Uci_ Set_ The Str function that when passed to the CsteSystem function creates a command execution vulnerability. | ||||
| CVE-2023-48807 | 1 Totolink | 2 X6000r, X6000r Firmware | 2024-08-02 | 9.8 Critical |
| In TOTOLINK X6000R V9.4.0cu.852_B20230719, the shttpd file, sub_4119A0 function obtains fields from the front-end through Uci_ Set_ The Str function when passed to the CsteSystem function creates a command execution vulnerability. | ||||
| CVE-2023-48812 | 1 Totolink | 2 X6000r, X6000r Firmware | 2024-08-02 | 9.8 Critical |
| In TOTOLINK X6000R V9.4.0cu.852_B20230719, the shttpd file sub_4119A0 function obtains fields from the front-end through Uci_ Set_ The Str function that when passed to the CsteSystem function creates a command execution vulnerability. | ||||
| CVE-2023-48806 | 1 Totolink | 2 X6000r, X6000r Firmware | 2024-08-02 | 9.8 Critical |
| In TOTOLINK X6000R V9.4.0cu.852_B20230719, the shttpd file, sub_4119A0 function obtains fields from the front-end through Uci_ Set_ The Str function when passed to the CsteSystem function creates a command execution vulnerability. | ||||
| CVE-2023-48799 | 1 Totolink | 2 X6000r, X6000r Firmware | 2024-08-02 | 9.8 Critical |
| TOTOLINK-X6000R Firmware-V9.4.0cu.852_B20230719 is vulnerable to Command Execution. | ||||
| CVE-2023-48802 | 1 Totolink | 2 X6000r, X6000r Firmware | 2024-08-02 | 9.8 Critical |
| In TOTOLINK X6000R V9.4.0cu.852_B20230719, the shttpd file, sub_4119A0 function obtains fields from the front-end through Uci_ Set_ The Str function when passed to the CsteSystem function creates a command execution vulnerability. | ||||
| CVE-2023-48810 | 1 Totolink | 2 X6000r, X6000r Firmware | 2024-08-02 | 9.8 Critical |
| In TOTOLINK X6000R V9.4.0cu.852_B20230719, the shttpd file, sub_4119A0 function obtains fields from the front-end through Uci_ Set_ The Str function when passed to the CsteSystem function creates a command execution vulnerability. | ||||
| CVE-2023-48808 | 1 Totolink | 2 X6000r, X6000r Firmware | 2024-08-02 | 9.8 Critical |
| In TOTOLINK X6000R V9.4.0cu.852_B20230719, the shttpd file, sub_4119A0 function obtains fields from the front-end through Uci_ Set_ The Str function when passed to the CsteSystem function creates a command execution vulnerability. | ||||
| CVE-2023-48805 | 1 Totolink | 2 X6000r, X6000r Firmware | 2024-08-02 | 9.8 Critical |
| In TOTOLINK X6000R V9.4.0cu.852_B20230719, the shttpd file, sub_4119A0 function obtains fields from the front-end through Uci_ Set_ The Str function when passed to the CsteSystem function creates a command execution vulnerability. | ||||
| CVE-2023-48800 | 1 Totolink | 2 X6000r, X6000r Firmware | 2024-08-02 | 9.8 Critical |
| In TOTOLINK X6000R_Firmware V9.4.0cu.852_B20230719, the shttpd file sub_417338 function obtains fields from the front-end, connects them through the snprintf function, and passes them to the CsteSystem function, resulting in a command execution vulnerability. | ||||
| CVE-2023-48801 | 1 Totolink | 2 X6000r, X6000r Firmware | 2024-08-02 | 9.8 Critical |
| In TOTOLINK X6000R_Firmware V9.4.0cu.852_B20230719, the shttpd file sub_415534 function obtains fields from the front-end, connects them through the snprintf function, and passes them to the CsteSystem function, resulting in a command execution vulnerability. | ||||
| CVE-2023-48804 | 1 Totolink | 2 X6000r, X6000r Firmware | 2024-08-02 | 9.8 Critical |
| In TOTOLINK X6000R V9.4.0cu.852_B20230719, the shttpd file, sub_4119A0 function obtains fields from the front-end through Uci_ Set_ The Str function when passed to the CsteSystem function creates a command execution vulnerability. | ||||