CVE-2024-28403

TOTOLINK X2000R before V1.0.0-B20231213.1013 is vulnerable to Cross Site Scripting XSS via the VPN Page...

TOTOLINK A3002R Cross Site Scripting Vulnerability

TOTOLINK A3002R is a wireless router from China's Gion Electronics TOTOLINK. The TOTOLINK A3002R suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data by the parameter Comment in the component VPN Page, for which no...

CVE-2025-4852

A vulnerability, which was classified as problematic, has been found in TOTOLINK A3002R 2.1.1-B20230720.1011. This issue affects some unknown processing of the component VPN Page. The manipulation of the argument Comment leads to cross site scripting. The attack may be initiated remotely. The...

CVE-2025-4852

A vulnerability, which was classified as problematic, has been found in TOTOLINK A3002R 2.1.1-B20230720.1011. This issue affects some unknown processing of the component VPN Page. The manipulation of the argument Comment leads to cross site scripting. The attack may be initiated remotely. The...

CVE-2025-4852 TOTOLINK A3002R VPN Page cross site scripting

A vulnerability, which was classified as problematic, has been found in TOTOLINK A3002R 2.1.1-B20230720.1011. This issue affects some unknown processing of the component VPN Page. The manipulation of the argument Comment leads to cross site scripting. The attack may be initiated remotely. The...

CVE-2025-4852

CVE-2025-4852 affects TOTOLINK A3002R (firmware 2.1.1-B20230720.1011) in the VPN Page component. The vulnerability is a cross-site scripting (XSS) flaw caused by improper handling of the Comment parameter. It can be triggered remotely and, per sources in PT-2025-21827 and other references, has le...

CVE-2025-4852 TOTOLINK A3002R VPN Page cross site scripting

A vulnerability, which was classified as problematic, has been found in TOTOLINK A3002R 2.1.1-B20230720.1011. This issue affects some unknown processing of the component VPN Page. The manipulation of the argument Comment leads to cross site scripting. The attack may be initiated remotely. The...

PT-2025-21827 · Totolink · Totolink A3002Ru

Name of the Vulnerable Software and Affected Versions: TOTOLINK A3002R version 2.1.1-B20230720.1011 Description: A problematic issue has been found in the VPN Page component of the affected software. The manipulation of the Comment argument leads to cross-site scripting. This issue can be exploit...

TOTOLINK X2000R VPN Page Page Cross-Site Scripting Vulnerability

TOTOLINK X2000R is a WiFi 6 router from China's Gion Electronics that supports Gigabit network and Easy Mesh features with multi-device connectivity and wireless expansion capabilities. The TOTOLINK X2000R suffers from a cross-site scripting vulnerability that stems from the lack of effective...

CVE-2024-28403

TOTOLINK X2000R before V1.0.0-B20231213.1013 is vulnerable to Cross Site Scripting XSS via the VPN Page...

TOTOLINK X2000R 安全漏洞

TOTOLINK X2000R is a WiFi 6 router from China's Gion Electronics that supports Gigabit network and Easy Mesh features with multi-device connectivity and wireless expansion capabilities. The TOTOLINK X2000R suffers from a cross-site scripting vulnerability that stems from the lack of effective...

CVE-2024-28403

TOTOLINK X2000R before V1.0.0-B20231213.1013 is vulnerable to Cross Site Scripting XSS via the VPN Page...

CVE-2024-28403

TOTOLINK X2000R (before V1.0.0-B20231213.1013) is vulnerable to Cross Site Scripting (XSS) via the VPN Page. The root cause cited is lack of proper filtering/escaping of user-supplied data on the VPN Page. No remediation or fix version is specified in the provided documents. Exploitation details ...

CVE-2024-28403

TOTOLINK X2000R before V1.0.0-B20231213.1013 is vulnerable to Cross Site Scripting XSS via the VPN Page...