Ex1800t Firmware

ex1800t_firmware

Vendor: Totolink • 28 CVEs

CVEs (28)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2025-2370 1Totolink 1Ex1800t Firmware Apr 7, 2025 Mar 17, 2025 8.7 HIGH· v4 9.8 CRITICAL· v3 9.0 HIGH· v2 A vulnerability was found in TOTOLINK EX1800T up to 9.1.0cu.2112_B20220316. It has been declared as critical. Affected by this vulnerability is the function setWiFiExtenderConfig of the file /cgi-bin/cstecgi.cgi. The man...Show more A vulnerability was found in TOTOLINK EX1800T up to 9.1.0cu.2112_B20220316. It has been declared as critical. Affected by this vulnerability is the function setWiFiExtenderConfig of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument apcliSsid leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.Show less
CVE-2025-2369 1Totolink 1Ex1800t Firmware Apr 7, 2025 Mar 17, 2025 8.7 HIGH· v4 9.8 CRITICAL· v3 9.0 HIGH· v2 A vulnerability was found in TOTOLINK EX1800T up to 9.1.0cu.2112_B20220316. It has been classified as critical. Affected is the function setPasswordCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument a...Show more A vulnerability was found in TOTOLINK EX1800T up to 9.1.0cu.2112_B20220316. It has been classified as critical. Affected is the function setPasswordCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument admpass leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.Show less
CVE-2025-2097 1Totolink 1Ex1800t Firmware Apr 3, 2025 Mar 7, 2025 8.7 HIGH· v4 9.8 CRITICAL· v3 9.0 HIGH· v2 A vulnerability, which was classified as critical, has been found in TOTOLINK EX1800T 9.1.0cu.2112_B20220316. This issue affects the function setRptWizardCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argu...Show more A vulnerability, which was classified as critical, has been found in TOTOLINK EX1800T 9.1.0cu.2112_B20220316. This issue affects the function setRptWizardCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument loginpass leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.Show less
CVE-2025-2096 1Totolink 1Ex1800t Firmware Apr 3, 2025 Mar 7, 2025 5.3 MEDIUM· v4 9.8 CRITICAL· v3 6.5 MEDIUM· v2 A vulnerability classified as critical was found in TOTOLINK EX1800T 9.1.0cu.2112_B20220316. This vulnerability affects the function setRebootScheCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument mod...Show more A vulnerability classified as critical was found in TOTOLINK EX1800T 9.1.0cu.2112_B20220316. This vulnerability affects the function setRebootScheCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument mode/week/minute/recHour leads to os command injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.Show less
CVE-2025-2095 1Totolink 1Ex1800t Firmware Apr 3, 2025 Mar 7, 2025 5.3 MEDIUM· v4 9.8 CRITICAL· v3 6.5 MEDIUM· v2 A vulnerability classified as critical has been found in TOTOLINK EX1800T 9.1.0cu.2112_B20220316. This affects the function setDmzCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument ip leads to os comm...Show more A vulnerability classified as critical has been found in TOTOLINK EX1800T 9.1.0cu.2112_B20220316. This affects the function setDmzCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument ip leads to os command injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.Show less
CVE-2025-2094 1Totolink 1Ex1800t Firmware Apr 3, 2025 Mar 7, 2025 5.3 MEDIUM· v4 9.8 CRITICAL· v3 6.5 MEDIUM· v2 A vulnerability was found in TOTOLINK EX1800T 9.1.0cu.2112_B20220316. It has been rated as critical. Affected by this issue is the function setWiFiExtenderConfig of the file /cgi-bin/cstecgi.cgi. The manipulation of the...Show more A vulnerability was found in TOTOLINK EX1800T 9.1.0cu.2112_B20220316. It has been rated as critical. Affected by this issue is the function setWiFiExtenderConfig of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument apcliKey/key leads to os command injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.Show less
CVE-2025-1852 1Totolink 1Ex1800t Firmware Apr 3, 2025 Mar 3, 2025 8.7 HIGH· v4 9.8 CRITICAL· v3 9.0 HIGH· v2 A vulnerability has been found in Totolink EX1800T 9.1.0cu.2112_B20220316 and classified as critical. This vulnerability affects the function loginAuth of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument p...Show more A vulnerability has been found in Totolink EX1800T 9.1.0cu.2112_B20220316 and classified as critical. This vulnerability affects the function loginAuth of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument password leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.Show less
CVE-2024-12352 1Totolink 1Ex1800t Firmware Dec 10, 2024 Dec 9, 2024 5.3 MEDIUM· v4 9.8 CRITICAL· v3 4.0 MEDIUM· v2 A vulnerability classified as problematic was found in TOTOLINK EX1800T 9.1.0cu.2112_B20220316. This vulnerability affects the function sub_40662C of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument ssid l...Show more A vulnerability classified as problematic was found in TOTOLINK EX1800T 9.1.0cu.2112_B20220316. This vulnerability affects the function sub_40662C of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument ssid leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.Show less
CVE-2024-34257 1Totolink 1Ex1800t Firmware May 28, 2025 May 8, 2024 N/A· v4 9.8 CRITICAL· v3 N/A· v2 TOTOLINK EX1800T V9.1.0cu.2112_B20220316 has a vulnerability in the apcliEncrypType parameter that allows unauthorized execution of arbitrary commands, allowing an attacker to obtain device administrator privileges.
CVE-2023-52026 1Totolink 1Ex1800t Firmware Jun 11, 2025 Jan 12, 2024 N/A· v4 9.8 CRITICAL· v3 N/A· v2 TOTOlink EX1800T V9.1.0cu.2112_B20220316 was discovered to contain a remote command execution (RCE) vulnerability via the telnet_enabled parameter of the setTelnetCfg interface
CVE-2023-51022 1Totolink 1Ex1800t Firmware Nov 21, 2024 Dec 22, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 TOTOlink EX1800T v9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command execution in the ‘langFlag’ parameter of the setLanguageCfg interface of the cstecgi .cgi.
CVE-2023-51021 1Totolink 1Ex1800t Firmware Nov 21, 2024 Dec 22, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 TOTOlink EX1800T v9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command execution in the ‘merge’ parameter of the setRptWizardCfg interface of the cstecgi .cgi.
CVE-2023-51020 1Totolink 1Ex1800t Firmware Nov 21, 2024 Dec 22, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 TOTOlink EX1800T v9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command execution in the ‘langType’ parameter of the setLanguageCfg interface of the cstecgi .cgi.
CVE-2023-51019 1Totolink 1Ex1800t Firmware Nov 21, 2024 Dec 22, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 TOTOlink EX1800T v9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command execution in the ‘key5g’ parameter of the setWiFiExtenderConfig interface of the cstecgi .cgi.
CVE-2023-51018 1Totolink 1Ex1800t Firmware Apr 17, 2025 Dec 22, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 TOTOlink EX1800T v9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command execution in the ‘opmode’ parameter of the setWiFiApConfig interface of the cstecgi .cgi.
CVE-2023-51017 1Totolink 1Ex1800t Firmware Nov 21, 2024 Dec 22, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 TOTOlink EX1800T v9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command execution in the lanIp parameter’ of the setLanConfig interface of the cstecgi .cgi.
CVE-2023-51016 1Totolink 1Ex1800t Firmware Nov 21, 2024 Dec 22, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 TOTOlink EX1800T v9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command execution in the setRebootScheCfg interface of the cstecgi .cgi.
CVE-2023-51015 1Totolink 1Ex1800t Firmware Nov 21, 2024 Dec 22, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 TOTOLINX EX1800T v9.1.0cu.2112_B20220316 is vulnerable to arbitrary command execution in the ‘enable parameter’ of the setDmzCfg interface of the cstecgi .cgi
CVE-2023-51014 1Totolink 1Ex1800t Firmware Nov 21, 2024 Dec 22, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 TOTOLINK EX1800T V9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command execution in the lanSecDns parameter’ of the setLanConfig interface of the cstecgi .cgi
CVE-2023-51013 1Totolink 1Ex1800t Firmware Nov 21, 2024 Dec 22, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 TOTOlink EX1800T v9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command execution in the lanNetmask parameter’ of the setLanConfig interface of the cstecgi .cgi.

12 Next