Total
39 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-46424 | 1 Totolink | 2 X6000r, X6000r Firmware | 2024-09-12 | N/A | 9.8 CRITICAL |
| TOTOLINK X6000R v9.4.0cu.652_B20230116 was discovered to contain a remote command execution (RCE) vulnerability via the sub_422BD4 function. | |||||
| CVE-2023-46423 | 1 Totolink | 2 X6000r, X6000r Firmware | 2024-09-11 | N/A | 9.8 CRITICAL |
| TOTOLINK X6000R v9.4.0cu.652_B20230116 was discovered to contain a remote command execution (RCE) vulnerability via the sub_417094 function. | |||||
| CVE-2023-46422 | 1 Totolink | 2 X6000r, X6000r Firmware | 2024-09-11 | N/A | 9.8 CRITICAL |
| TOTOLINK X6000R v9.4.0cu.652_B20230116 was discovered to contain a remote command execution (RCE) vulnerability via the sub_411994 function. | |||||
| CVE-2023-46421 | 1 Totolink | 2 X6000r, X6000r Firmware | 2024-09-11 | N/A | 9.8 CRITICAL |
| TOTOLINK X6000R v9.4.0cu.652_B20230116 was discovered to contain a remote command execution (RCE) vulnerability via the sub_411D00 function. | |||||
| CVE-2023-46420 | 1 Totolink | 2 X6000r, X6000r Firmware | 2024-09-11 | N/A | 9.8 CRITICAL |
| TOTOLINK X6000R v9.4.0cu.652_B20230116 was discovered to contain a remote command execution (RCE) vulnerability via the sub_41590C function. | |||||
| CVE-2023-46419 | 1 Totolink | 2 X6000r, X6000r Firmware | 2024-09-11 | N/A | 9.8 CRITICAL |
| TOTOLINK X6000R v9.4.0cu.652_B20230116 was discovered to contain a remote command execution (RCE) vulnerability via the sub_415730 function. | |||||
| CVE-2023-46418 | 1 Totolink | 2 X6000r, X6000r Firmware | 2024-09-11 | N/A | 9.8 CRITICAL |
| TOTOLINK X6000R v9.4.0cu.652_B20230116 was discovered to contain a remote command execution (RCE) vulnerability via the sub_412688 function. | |||||
| CVE-2023-46417 | 1 Totolink | 2 X6000r, X6000r Firmware | 2024-09-11 | N/A | 9.8 CRITICAL |
| TOTOLINK X6000R v9.4.0cu.652_B20230116 was discovered to contain a remote command execution (RCE) vulnerability via the sub_415498 function. | |||||
| CVE-2023-46416 | 1 Totolink | 2 X6000r, X6000r Firmware | 2024-09-11 | N/A | 9.8 CRITICAL |
| TOTOLINK X6000R v9.4.0cu.652_B20230116 was discovered to contain a remote command execution (RCE) vulnerability via the sub_ The 41A414 function. | |||||
| CVE-2023-46415 | 1 Totolink | 2 X6000r, X6000r Firmware | 2024-09-11 | N/A | 9.8 CRITICAL |
| TOTOLINK X6000R v9.4.0cu.652_B20230116 was discovered to contain a remote command execution (RCE) vulnerability via the sub_41E588 function. | |||||
| CVE-2023-46414 | 1 Totolink | 2 X6000r, X6000r Firmware | 2024-09-11 | N/A | 9.8 CRITICAL |
| TOTOLINK X6000R v9.4.0cu.652_B20230116 was discovered to contain a remote command execution (RCE) vulnerability via the sub_ 41D494 function. | |||||
| CVE-2023-46979 | 1 Totolink | 2 X6000r, X6000r Firmware | 2024-09-06 | N/A | 9.8 CRITICAL |
| TOTOLINK X6000R V9.4.0cu.852_B20230719 was discovered to contain a command injection vulnerability via the enable parameter in the setLedCfg function. | |||||
| CVE-2023-46978 | 1 Totolink | 2 X6000r, X6000r Firmware | 2024-09-06 | N/A | 7.5 HIGH |
| TOTOLINK X6000R V9.4.0cu.852_B20230719 is vulnerable to Incorrect Access Control.Attackers can reset login password & WIFI passwords without authentication. | |||||
| CVE-2023-46485 | 1 Totolink | 2 X6000r, X6000r Firmware | 2024-09-06 | N/A | 9.8 CRITICAL |
| An issue in TOTOlink X6000R V9.4.0cu.852_B20230719 allows a remote attacker to execute arbitrary code via the setTracerouteCfg function of the stecgi.cgi component. | |||||
| CVE-2023-46484 | 1 Totolink | 2 X6000r, X6000r Firmware | 2024-09-06 | N/A | 9.8 CRITICAL |
| An issue in TOTOlink X6000R V9.4.0cu.852_B20230719 allows a remote attacker to execute arbitrary code via the setLedCfg function. | |||||
| CVE-2023-52042 | 1 Totolink | 2 X6000r, X6000r Firmware | 2024-08-30 | N/A | 9.8 CRITICAL |
| An issue discovered in sub_4117F8 function in TOTOLINK X6000R V9.4.0cu.852_B20230719 allows attackers to run arbitrary commands via the 'lang' parameter. | |||||
| CVE-2024-7907 | 1 Totolink | 2 X6000r, X6000r Firmware | 2024-08-19 | 6.5 MEDIUM | 9.8 CRITICAL |
| A vulnerability, which was classified as critical, has been found in TOTOLINK X6000R 9.4.0cu.852_20230719. This issue affects the function setSyslogCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument rtLogServer leads to command injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2023-52040 | 1 Totolink | 2 X6000r, X6000r Firmware | 2024-08-01 | N/A | 9.8 CRITICAL |
| An issue discovered in TOTOLINK X6000R v9.4.0cu.852_B20230719 allows attackers to run arbitrary commands via the sub_41284C function. | |||||
| CVE-2024-1661 | 1 Totolink | 1 X6000r Firmware | 2024-05-17 | 1.0 LOW | 5.5 MEDIUM |
| A vulnerability classified as problematic was found in Totolink X6000R 9.4.0cu.852_B20230719. Affected by this vulnerability is an unknown functionality of the file /etc/shadow. The manipulation leads to hard-coded credentials. It is possible to launch the attack on the local host. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-254179. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2023-52038 | 1 Totolink | 2 X6000r, X6000r Firmware | 2024-02-05 | N/A | 9.8 CRITICAL |
| An issue discovered in TOTOLINK X6000R v9.4.0cu.852_B20230719 allows attackers to run arbitrary commands via the sub_415C80 function. | |||||