5 matches found
CVE-2026-15204
A vulnerability was detected in TOTOLINK X5000R 9.1.0cu.2415B20250515/9.1.0cu.2350B20230313. Affected by this vulnerability is the function exportOvpn of the file /web/cgi-bin/cstecgi.cgi of the component OpenVPN Export. The manipulation results in path traversal. The attack may be launched...
EUVD-2026-42660
A vulnerability was detected in TOTOLINK X5000R 9.1.0cu.2415B20250515/9.1.0cu.2350B20230313. Affected by this vulnerability is the function exportOvpn of the file /web/cgi-bin/cstecgi.cgi of the component OpenVPN Export. The manipulation results in path traversal. The attack may be launched...
CVE-2026-15204
TOTOLINK X5000R is affected by CVE-2026-15204. The OpenVPN Export feature (file /web/cgi-bin/cstecgi.cgi, function exportOvpn) is vulnerable to path traversal. The vulnerability can be exploited remotely. Details in connected records identify the affected product/version (9.1.0cu.2415_B20250515/9...
CVE-2024-8079
A vulnerability was found in TOTOLINK AC1200 T8 4.1.5cu.862B20230228. It has been rated as critical. This issue affects the function exportOvpn. The manipulation leads to buffer overflow. The attack may be initiated remotely. NOTE: The vendor was contacted early about this disclosure but did not...
CVE-2023-41349
ASUS router RT-AX88U has a vulnerability of using externally controllable format strings within its Advanced Open VPN function. An authenticated remote attacker can exploit the exported OpenVPN configuration to execute an externally-controlled format string attack, resulting in sensitivity...