Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Totolink Subscribe
Total 1037 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-46419 1 Totolink 2 X6000r, X6000r Firmware 2024-11-21 N/A 9.8 CRITICAL
TOTOLINK X6000R v9.4.0cu.652_B20230116 was discovered to contain a remote command execution (RCE) vulnerability via the sub_415730 function.
CVE-2023-46418 1 Totolink 2 X6000r, X6000r Firmware 2024-11-21 N/A 9.8 CRITICAL
TOTOLINK X6000R v9.4.0cu.652_B20230116 was discovered to contain a remote command execution (RCE) vulnerability via the sub_412688 function.
CVE-2023-46417 1 Totolink 2 X6000r, X6000r Firmware 2024-11-21 N/A 9.8 CRITICAL
TOTOLINK X6000R v9.4.0cu.652_B20230116 was discovered to contain a remote command execution (RCE) vulnerability via the sub_415498 function.
CVE-2023-46416 1 Totolink 2 X6000r, X6000r Firmware 2024-11-21 N/A 9.8 CRITICAL
TOTOLINK X6000R v9.4.0cu.652_B20230116 was discovered to contain a remote command execution (RCE) vulnerability via the sub_ The 41A414 function.
CVE-2023-46415 1 Totolink 2 X6000r, X6000r Firmware 2024-11-21 N/A 9.8 CRITICAL
TOTOLINK X6000R v9.4.0cu.652_B20230116 was discovered to contain a remote command execution (RCE) vulnerability via the sub_41E588 function.
CVE-2023-46414 1 Totolink 2 X6000r, X6000r Firmware 2024-11-21 N/A 9.8 CRITICAL
TOTOLINK X6000R v9.4.0cu.652_B20230116 was discovered to contain a remote command execution (RCE) vulnerability via the sub_ 41D494 function.
CVE-2023-46413 1 Totolink 2 X6000r, X6000r Firmware 2024-11-21 N/A 9.8 CRITICAL
TOTOLINK X6000R v9.4.0cu.652_B20230116 was discovered to contain a command execution vulnerability via the sub_4155DC function.
CVE-2023-46412 1 Totolink 2 X6000r, X6000r Firmware 2024-11-21 N/A 9.8 CRITICAL
TOTOLINK X6000R v9.4.0cu.652_B20230116 was discovered to contain a command execution vulnerability via the sub_41D998 function.
CVE-2023-46411 1 Totolink 2 X6000r, X6000r Firmware 2024-11-21 N/A 9.8 CRITICAL
TOTOLINK X6000R v9.4.0cu.652_B20230116 was discovered to contain a command execution vulnerability via the sub_415258 function.
CVE-2023-46410 1 Totolink 2 X6000r, X6000r Firmware 2024-11-21 N/A 9.8 CRITICAL
TOTOLINK X6000R v9.4.0cu.652_B20230116 was discovered to contain a command execution vulnerability via the sub_ The 416F60 function.
CVE-2023-46409 1 Totolink 2 X6000r, X6000r Firmware 2024-11-21 N/A 9.8 CRITICAL
TOTOLINK X6000R v9.4.0cu.652_B20230116 was discovered to contain a command execution vulnerability via the sub_ 41CC04 function.
CVE-2023-46408 1 Totolink 2 X6000r, X6000r Firmware 2024-11-21 N/A 9.8 CRITICAL
TOTOLINK X6000R v9.4.0cu.652_B20230116 was discovered to contain a command execution vulnerability via the sub_ The 41DD80 function.
CVE-2023-45985 1 Totolink 4 A7000r, A7000r Firmware, X5000r and 1 more 2024-11-21 N/A 7.5 HIGH
TOTOLINK X5000R V9.1.0u.6118_B20201102 and TOTOLINK A7000R V9.1.0u.6115_B20201022 were discovered to contain a stack overflow in the function setParentalRules. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.
CVE-2023-45984 1 Totolink 4 A7000r, A7000r Firmware, X5000r and 1 more 2024-11-21 N/A 9.8 CRITICAL
TOTOLINK X5000R V9.1.0u.6118_B20201102 and TOTOLINK A7000R V9.1.0u.6115_B20201022 was discovered to contain a stack overflow via the lang parameter in the function setLanguageCfg.
CVE-2023-43455 1 Totolink 2 X6000r, X6000r Firmware 2024-11-21 N/A 9.8 CRITICAL
An issue in TOTOLINK X6000R V9.4.0cu.652_B20230116 and V9.4.0cu.852_B20230719 allows a remote attacker to execute arbitrary code via the command parameter of the setting/setTracerouteCfg component.
CVE-2023-43454 1 Totolink 2 X6000r, X6000r Firmware 2024-11-21 N/A 9.8 CRITICAL
An issue in TOTOLINK X6000R V9.4.0cu.652_B20230116 and V9.4.0cu.852_B20230719 allows a remote attacker to execute arbitrary code via the hostName parameter of the switchOpMode component.
CVE-2023-43453 1 Totolink 2 X6000r, X6000r Firmware 2024-11-21 N/A 9.8 CRITICAL
An issue in TOTOLINK X6000R V9.4.0cu.652_B20230116 and V9.4.0cu.852_B20230719 allows a remote attacker to execute arbitrary code via the IP parameter of the setDiagnosisCfg component.
CVE-2023-43141 1 Totolink 4 A3700r, A3700r Firmware, N600r and 1 more 2024-11-21 N/A 9.8 CRITICAL
TOTOLINK A3700R V9.1.2u.6134_B20201202 and N600R V5.3c.5137 are vulnerable to Incorrect Access Control.
CVE-2023-40042 1 Totolink 2 T10 V2, T10 V2 Firmware 2024-11-21 N/A 9.8 CRITICAL
TOTOLINK T10_v2 5.9c.5061_B20200511 has a stack-based buffer overflow in setStaticDhcpConfig in /lib/cste_modules/lan.so. Attackers can send crafted data in an MQTT packet, via the comment parameter, to control the return address and execute code.
CVE-2023-40041 1 Totolink 2 T10 V2, T10 V2 Firmware 2024-11-21 N/A 9.8 CRITICAL
TOTOLINK T10_v2 5.9c.5061_B20200511 has a stack-based buffer overflow in setWiFiWpsConfig in /lib/cste_modules/wps.so. Attackers can send crafted data in an MQTT packet, via the pin parameter, to control the return address and execute code.