Ex1200t Firmware

ex1200t_firmware

Vendor: Totolink • 37 CVEs

CVEs (37)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2025-28039 1Totolink 1Ex1200t Firmware Apr 29, 2025 Apr 22, 2025 N/A· v4 9.8 CRITICAL· v3 N/A· v2 TOTOLINK EX1200T V4.1.2cu.5232_B20210713 was found to contain a pre-auth remote command execution vulnerability in the setUpgradeFW function through the FileName parameter.
CVE-2025-28038 1Totolink 1Ex1200t Firmware Apr 29, 2025 Apr 22, 2025 N/A· v4 9.8 CRITICAL· v3 N/A· v2 TOTOLINK EX1200T V4.1.2cu.5232_B20210713 was found to contain a pre-auth remote command execution vulnerability in the setWebWlanIdx function through the webWlanIdx parameter.
CVE-2023-52032 1Totolink 1Ex1200t Firmware Jun 17, 2025 Jan 11, 2024 N/A· v4 9.8 CRITICAL· v3 N/A· v2 TOTOlink EX1200T V4.1.2cu.5232_B20210713 was discovered to contain a remote command execution (RCE) vulnerability via the "main" function.
CVE-2021-42893 1Totolink 1Ex1200t Firmware Nov 21, 2024 Jun 3, 2022 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 In TOTOLINK EX1200T V4.1.2cu.5215, an attacker can obtain sensitive information (wifikey, etc.) without authorization through getSysStatusCfg.
CVE-2021-42892 1Totolink 1Ex1200t Firmware Nov 21, 2024 Jun 3, 2022 N/A· v4 4.3 MEDIUM· v3 5.0 MEDIUM· v2 In TOTOLINK EX1200T V4.1.2cu.5215, an attacker can start telnet without authorization because the default username and password exists in the firmware.
CVE-2021-42891 1Totolink 1Ex1200t Firmware Nov 21, 2024 Jun 3, 2022 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 In TOTOLINK EX1200T V4.1.2cu.5215, an attacker can obtain sensitive information (wifikey, etc.) without authorization.
CVE-2021-42890 1Totolink 1Ex1200t Firmware Nov 21, 2024 Jun 3, 2022 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 TOTOLINK EX1200T V4.1.2cu.5215 contains a remote command injection vulnerability in function NTPSyncWithHost of the file system.so which can control hostTime to attack.
CVE-2021-42889 1Totolink 1Ex1200t Firmware Nov 21, 2024 Jun 3, 2022 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 In TOTOLINK EX1200T V4.1.2cu.5215, an attacker can obtain sensitive information (wifikey, wifiname, etc.) without authorization.
CVE-2021-42888 1Totolink 1Ex1200t Firmware Nov 21, 2024 Jun 3, 2022 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 TOTOLINK EX1200T V4.1.2cu.5215 contains a remote command injection vulnerability in function setLanguageCfg of the file global.so which can control langType to attack.
CVE-2021-42887 1Totolink 1Ex1200t Firmware Nov 21, 2024 Jun 3, 2022 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 In TOTOLINK EX1200T V4.1.2cu.5215, an attacker can bypass login by sending a specific request through formLoginAuth.htm.
CVE-2021-42886 1Totolink 1Ex1200t Firmware Nov 21, 2024 Jun 3, 2022 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 TOTOLINK EX1200T V4.1.2cu.5215 contains an information disclosure vulnerability where an attacker can get the apmib configuration file without authorization, and usernames and passwords can be found in the decoded file.
CVE-2021-42885 1Totolink 1Ex1200t Firmware Nov 21, 2024 Jun 3, 2022 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 TOTOLINK EX1200T V4.1.2cu.5215 contains a remote command injection vulnerability in function setDeviceMac of the file global.so which can control deviceName to attack.
CVE-2021-42884 1Totolink 1Ex1200t Firmware Nov 21, 2024 Jun 3, 2022 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 TOTOLINK EX1200T V4.1.2cu.5215 contains a remote command injection vulnerability in function setDeviceName of the file global.so which can control thedeviceName to attack.
CVE-2021-42877 1Totolink 1Ex1200t Firmware Nov 21, 2024 Jun 2, 2022 N/A· v4 7.5 HIGH· v3 7.8 HIGH· v2 TOTOLINK EX1200T V4.1.2cu.5215 contains a denial of service vulnerability in function RebootSystem of the file lib/cste_modules/system which can reboot the system.
CVE-2021-42875 1Totolink 1Ex1200t Firmware Nov 21, 2024 Jun 2, 2022 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 TOTOLINK EX1200T V4.1.2cu.5215 contains a remote command injection vulnerability in the function setDiagnosisCfg of the file lib/cste_modules/system.so to control the ipDoamin.
CVE-2021-42872 1Totolink 1Ex1200t Firmware Nov 21, 2024 Jun 2, 2022 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 TOTOLINK EX1200T V4.1.2cu.5215 is affected by a command injection vulnerability that can remotely execute arbitrary code.
CVE-2022-25008 1Totolink 2Ex1200t Firmware Ex300 V2 Firmware Nov 21, 2024 Mar 30, 2022 N/A· v4 8.8 HIGH· v3 5.8 MEDIUM· v2 totolink EX300_v2 V4.0.3c.140_B20210429 and EX1200T V4.1.2cu.5230_B20210706 does not contain an authentication mechanism.

Previous 12