← Back

Totolink

totolink

1,106 CVEs • 155 products

Products (155)

Click to collapse
Toggle
X5000r Firmware
x5000r_firmware
70 CVEs
A3300r Firmware
a3300r_firmware
64 CVEs
A3002r Firmware
a3002r_firmware
61 CVEs
X6000r Firmware
x6000r_firmware
57 CVEs
A3002ru Firmware
a3002ru_firmware
49 CVEs
A3100r Firmware
a3100r_firmware
47 CVEs
X2000r Firmware
x2000r_firmware
45 CVEs
A3700r Firmware
a3700r_firmware
43 CVEs
T6 Firmware
t6_firmware
39 CVEs
N600r Firmware
n600r_firmware
38 CVEs
Ex1200t Firmware
ex1200t_firmware
37 CVEs
A7100ru Firmware
a7100ru_firmware
37 CVEs
Lr350 Firmware
lr350_firmware
36 CVEs
A7000r Firmware
a7000r_firmware
35 CVEs
A950rg Firmware
a950rg_firmware
33 CVEs
A702r Firmware
a702r_firmware
32 CVEs
A810r Firmware
a810r_firmware
29 CVEs
A720r Firmware
a720r_firmware
28 CVEs
Ex1800t Firmware
ex1800t_firmware
28 CVEs
Nr1800x Firmware
nr1800x_firmware
27 CVEs
T8 Firmware
t8_firmware
26 CVEs
A830r Firmware
a830r_firmware
25 CVEs
A3000ru Firmware
a3000ru_firmware
25 CVEs
A3600r Firmware
a3600r_firmware
25 CVEs
X15 Firmware
x15_firmware
25 CVEs
Ca300 Poe Firmware
ca300-poe_firmware
24 CVEs
A800r Firmware
a800r_firmware
23 CVEs
T10 Firmware
t10_firmware
22 CVEs
N200re Firmware
n200re_firmware
21 CVEs
N350rt Firmware
n350rt_firmware
21 CVEs
N150rt Firmware
n150rt_firmware
19 CVEs
Ex200 Firmware
ex200_firmware
19 CVEs
Lr1200gb Firmware
lr1200gb_firmware
19 CVEs
Cp450 Firmware
cp450_firmware
19 CVEs
X18 Firmware
x18_firmware
14 CVEs
Cp900 Firmware
cp900_firmware
13 CVEs
A6000r Firmware
a6000r_firmware
13 CVEs
N300rt Firmware
n300rt_firmware
11 CVEs
Ex1200l Firmware
ex1200l_firmware
11 CVEs
Ca600 Poe Firmware
ca600-poe_firmware
10 CVEs
A860r Firmware
a860r_firmware
8 CVEs
Cp900l Firmware
cp900l_firmware
8 CVEs
Cp300+ Firmware
cp300+_firmware
7 CVEs
N300rh Firmware
n300rh_firmware
7 CVEs
Ex300 V2 Firmware
ex300_v2_firmware
6 CVEs
N100re Firmware
n100re_firmware
5 CVEs
N301rt Firmware
n301rt_firmware
4 CVEs
N302r Firmware
n302r_firmware
4 CVEs
T10 V2 Firmware
t10_v2_firmware
4 CVEs
N200re V5 Firmware
n200re-v5_firmware
4 CVEs
N300rh V3 Firmware
n300rh-v3_firmware
3 CVEs
N302r Plus Firmware
n302r_plus_firmware
3 CVEs
Wa300 Firmware
wa300_firmware
3 CVEs
A850r V1 Firmware
a850r-v1_firmware
2 CVEs
F1 V2 Firmware
f1-v2_firmware
2 CVEs
F2 V1 Firmware
f2-v1_firmware
2 CVEs
N150rt V2 Firmware
n150rt-v2_firmware
2 CVEs
N151rt V2 Firmware
n151rt-v2_firmware
2 CVEs
N300rh V2 Firmware
n300rh-v2_firmware
2 CVEs
N300rt V2 Firmware
n300rt-v2_firmware
2 CVEs
A8000ru Firmware
a8000ru_firmware
2 CVEs
Lr1200 Firmware
lr1200_firmware
2 CVEs
N350r Firmware
n350r_firmware
2 CVEs
A3002ru V1 Firmware
a3002ru-v1_firmware
1 CVE
A3002ru V2 Firmware
a3002ru-v2_firmware
1 CVE
A702r V2 Firmware
a702r-v2_firmware
1 CVE
A702r V3 Firmware
a702r-v3_firmware
1 CVE
N100re V3 Firmware
n100re-v3_firmware
1 CVE
N200re V3 Firmware
n200re-v3_firmware
1 CVE
N200re V4 Firmware
n200re-v4_firmware
1 CVE
N210re Firmware
n210re_firmware
1 CVE
Ar3100r Firmware
ar3100r_firmware
1 CVE
A7000ru Firmware
a7000ru_firmware
1 CVE
A3002ru V3 Firmware
a3002ru-v3_firmware
1 CVE
A6000ub Firmware
a6000ub_firmware
1 CVE
N300rb Firmware
n300rb_firmware
1 CVE
Wa1200 Poe
wa1200-poe
1 CVE
Wa1200 Poe Firmware
wa1200-poe_firmware
1 CVE
Soho
soho
0 CVEs
A3002ru
a3002ru
0 CVEs
A702r
a702r
0 CVEs
N301rt
n301rt
0 CVEs
N302r
n302r
0 CVEs
N300rt
n300rt
0 CVEs
N200re
n200re
0 CVEs
N150rt
n150rt
0 CVEs
N100re
n100re
0 CVEs
A850r V1
a850r-v1
0 CVEs
F1 V2
f1-v2
0 CVEs
F2 V1
f2-v1
0 CVEs
N150rt V2
n150rt-v2
0 CVEs
N151rt V2
n151rt-v2
0 CVEs
N300rh V2
n300rh-v2
0 CVEs
N300rh V3
n300rh-v3
0 CVEs
N300rt V2
n300rt-v2
0 CVEs
A3002r
a3002r
0 CVEs
A3002ru V1
a3002ru-v1
0 CVEs
A3002ru V2
a3002ru-v2
0 CVEs
A702r V2
a702r-v2
0 CVEs
A702r V3
a702r-v3
0 CVEs

CVEs (1,106)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2023-48859
1Totolink
1A3002ru Firmware
Nov 21, 2024
Dec 6, 2023
N/A· v4
8.8 HIGH· v3
N/A· v2
TOTOLINK A3002RU version 2.0.0-B20190902.1958 has a post-authentication RCE due to incorrect access control, allows attackers to bypass front-end security restrictions and execute arbitrary code.
CVE-2023-48800
1Totolink
1X6000r Firmware
Nov 21, 2024
Dec 4, 2023
N/A· v4
9.8 CRITICAL· v3
N/A· v2
In TOTOLINK X6000R_Firmware V9.4.0cu.852_B20230719, the shttpd file sub_417338 function obtains fields from the front-end, connects them through the snprintf function, and passes them to the CsteSystem function, resultin...Show more
In TOTOLINK X6000R_Firmware V9.4.0cu.852_B20230719, the shttpd file sub_417338 function obtains fields from the front-end, connects them through the snprintf function, and passes them to the CsteSystem function, resulting in a command execution vulnerability.Show less
CVE-2023-48799
1Totolink
1X6000r Firmware
Nov 21, 2024
Dec 4, 2023
N/A· v4
9.8 CRITICAL· v3
N/A· v2
TOTOLINK-X6000R Firmware-V9.4.0cu.852_B20230719 is vulnerable to Command Execution.
CVE-2023-48801
1Totolink
1X6000r Firmware
Nov 21, 2024
Dec 1, 2023
N/A· v4
9.8 CRITICAL· v3
N/A· v2
In TOTOLINK X6000R_Firmware V9.4.0cu.852_B20230719, the shttpd file sub_415534 function obtains fields from the front-end, connects them through the snprintf function, and passes them to the CsteSystem function, resultin...Show more
In TOTOLINK X6000R_Firmware V9.4.0cu.852_B20230719, the shttpd file sub_415534 function obtains fields from the front-end, connects them through the snprintf function, and passes them to the CsteSystem function, resulting in a command execution vulnerability.Show less
CVE-2023-43455
1Totolink
1X6000r Firmware
Nov 21, 2024
Dec 1, 2023
N/A· v4
9.8 CRITICAL· v3
N/A· v2
An issue in TOTOLINK X6000R V9.4.0cu.652_B20230116 and V9.4.0cu.852_B20230719 allows a remote attacker to execute arbitrary code via the command parameter of the setting/setTracerouteCfg component.
CVE-2023-43454
1Totolink
1X6000r Firmware
Nov 21, 2024
Dec 1, 2023
N/A· v4
9.8 CRITICAL· v3
N/A· v2
An issue in TOTOLINK X6000R V9.4.0cu.652_B20230116 and V9.4.0cu.852_B20230719 allows a remote attacker to execute arbitrary code via the hostName parameter of the switchOpMode component.
CVE-2023-43453
1Totolink
1X6000r Firmware
Nov 21, 2024
Dec 1, 2023
N/A· v4
9.8 CRITICAL· v3
N/A· v2
An issue in TOTOLINK X6000R V9.4.0cu.652_B20230116 and V9.4.0cu.852_B20230719 allows a remote attacker to execute arbitrary code via the IP parameter of the setDiagnosisCfg component.
CVE-2023-48812
1Totolink
1X6000r Firmware
Nov 21, 2024
Nov 30, 2023
N/A· v4
9.8 CRITICAL· v3
N/A· v2
In TOTOLINK X6000R V9.4.0cu.852_B20230719, the shttpd file sub_4119A0 function obtains fields from the front-end through Uci_ Set_ The Str function that when passed to the CsteSystem function creates a command execution...Show more
In TOTOLINK X6000R V9.4.0cu.852_B20230719, the shttpd file sub_4119A0 function obtains fields from the front-end through Uci_ Set_ The Str function that when passed to the CsteSystem function creates a command execution vulnerability.Show less
CVE-2023-48811
1Totolink
1X6000r Firmware
Nov 21, 2024
Nov 30, 2023
N/A· v4
9.8 CRITICAL· v3
N/A· v2
In TOTOLINK X6000R V9.4.0cu.852_B20230719, the shttpd file, sub_4119A0 function obtains fields from the front-end through Uci_ Set_ The Str function that when passed to the CsteSystem function creates a command execution...Show more
In TOTOLINK X6000R V9.4.0cu.852_B20230719, the shttpd file, sub_4119A0 function obtains fields from the front-end through Uci_ Set_ The Str function that when passed to the CsteSystem function creates a command execution vulnerability.Show less
CVE-2023-48810
1Totolink
1X6000r Firmware
Nov 21, 2024
Nov 30, 2023
N/A· v4
9.8 CRITICAL· v3
N/A· v2
In TOTOLINK X6000R V9.4.0cu.852_B20230719, the shttpd file, sub_4119A0 function obtains fields from the front-end through Uci_ Set_ The Str function when passed to the CsteSystem function creates a command execution vuln...Show more
In TOTOLINK X6000R V9.4.0cu.852_B20230719, the shttpd file, sub_4119A0 function obtains fields from the front-end through Uci_ Set_ The Str function when passed to the CsteSystem function creates a command execution vulnerability.Show less
CVE-2023-48808
1Totolink
1X6000r Firmware
Nov 21, 2024
Nov 30, 2023
N/A· v4
9.8 CRITICAL· v3
N/A· v2
In TOTOLINK X6000R V9.4.0cu.852_B20230719, the shttpd file, sub_4119A0 function obtains fields from the front-end through Uci_ Set_ The Str function when passed to the CsteSystem function creates a command execution vuln...Show more
In TOTOLINK X6000R V9.4.0cu.852_B20230719, the shttpd file, sub_4119A0 function obtains fields from the front-end through Uci_ Set_ The Str function when passed to the CsteSystem function creates a command execution vulnerability.Show less
CVE-2023-48807
1Totolink
1X6000r Firmware
Nov 21, 2024
Nov 30, 2023
N/A· v4
9.8 CRITICAL· v3
N/A· v2
In TOTOLINK X6000R V9.4.0cu.852_B20230719, the shttpd file, sub_4119A0 function obtains fields from the front-end through Uci_ Set_ The Str function when passed to the CsteSystem function creates a command execution vuln...Show more
In TOTOLINK X6000R V9.4.0cu.852_B20230719, the shttpd file, sub_4119A0 function obtains fields from the front-end through Uci_ Set_ The Str function when passed to the CsteSystem function creates a command execution vulnerability.Show less
CVE-2023-48806
1Totolink
1X6000r Firmware
Nov 21, 2024
Nov 30, 2023
N/A· v4
9.8 CRITICAL· v3
N/A· v2
In TOTOLINK X6000R V9.4.0cu.852_B20230719, the shttpd file, sub_4119A0 function obtains fields from the front-end through Uci_ Set_ The Str function when passed to the CsteSystem function creates a command execution vuln...Show more
In TOTOLINK X6000R V9.4.0cu.852_B20230719, the shttpd file, sub_4119A0 function obtains fields from the front-end through Uci_ Set_ The Str function when passed to the CsteSystem function creates a command execution vulnerability.Show less
CVE-2023-48805
1Totolink
1X6000r Firmware
Nov 21, 2024
Nov 30, 2023
N/A· v4
9.8 CRITICAL· v3
N/A· v2
In TOTOLINK X6000R V9.4.0cu.852_B20230719, the shttpd file, sub_4119A0 function obtains fields from the front-end through Uci_ Set_ The Str function when passed to the CsteSystem function creates a command execution vuln...Show more
In TOTOLINK X6000R V9.4.0cu.852_B20230719, the shttpd file, sub_4119A0 function obtains fields from the front-end through Uci_ Set_ The Str function when passed to the CsteSystem function creates a command execution vulnerability.Show less
CVE-2023-48804
1Totolink
1X6000r Firmware
Nov 21, 2024
Nov 30, 2023
N/A· v4
9.8 CRITICAL· v3
N/A· v2
In TOTOLINK X6000R V9.4.0cu.852_B20230719, the shttpd file, sub_4119A0 function obtains fields from the front-end through Uci_ Set_ The Str function when passed to the CsteSystem function creates a command execution vuln...Show more
In TOTOLINK X6000R V9.4.0cu.852_B20230719, the shttpd file, sub_4119A0 function obtains fields from the front-end through Uci_ Set_ The Str function when passed to the CsteSystem function creates a command execution vulnerability.Show less
CVE-2023-48803
1Totolink
1X6000r Firmware
Nov 21, 2024
Nov 30, 2023
N/A· v4
9.8 CRITICAL· v3
N/A· v2
In TOTOLINK X6000R V9.4.0cu.852_B20230719, the shttpd file, sub_4119A0 function obtains fields from the front-end through Uci_ Set_ The Str function when passed to the CsteSystem function creates a command execution vuln...Show more
In TOTOLINK X6000R V9.4.0cu.852_B20230719, the shttpd file, sub_4119A0 function obtains fields from the front-end through Uci_ Set_ The Str function when passed to the CsteSystem function creates a command execution vulnerability.Show less
CVE-2023-48802
1Totolink
1X6000r Firmware
Jun 5, 2025
Nov 30, 2023
N/A· v4
9.8 CRITICAL· v3
N/A· v2
In TOTOLINK X6000R V9.4.0cu.852_B20230719, the shttpd file, sub_4119A0 function obtains fields from the front-end through Uci_ Set_ The Str function when passed to the CsteSystem function creates a command execution vuln...Show more
In TOTOLINK X6000R V9.4.0cu.852_B20230719, the shttpd file, sub_4119A0 function obtains fields from the front-end through Uci_ Set_ The Str function when passed to the CsteSystem function creates a command execution vulnerability.Show less
CVE-2023-48192
1Totolink
1A3700r Firmware
Nov 21, 2024
Nov 20, 2023
N/A· v4
7.8 HIGH· v3
N/A· v2
An issue in TOTOlink A3700R v.9.1.2u.6134_B20201202 allows a local attacker to execute arbitrary code via the setTracerouteCfg function.
CVE-2023-46485
1Totolink
1X6000r Firmware
Nov 21, 2024
Oct 31, 2023
N/A· v4
9.8 CRITICAL· v3
N/A· v2
An issue in TOTOlink X6000R V9.4.0cu.852_B20230719 allows a remote attacker to execute arbitrary code via the setTracerouteCfg function of the stecgi.cgi component.
CVE-2023-46484
1Totolink
1X6000r Firmware
Nov 21, 2024
Oct 31, 2023
N/A· v4
9.8 CRITICAL· v3
N/A· v2
An issue in TOTOlink X6000R V9.4.0cu.852_B20230719 allows a remote attacker to execute arbitrary code via the setLedCfg function.