14 matches found
TOTOLINK X6000R 操作系统命令注入漏洞
The TOTOLINK X6000R is a wireless router produced by TOTOLINK, a Chinese company. The versions TOTOLINK X6000R 9.4.0cu.1360B20241207 and 9.4.0cu.1498B20250826 contain an operating system command injection vulnerability. This vulnerability stems from incorrect handling of the parameter Hostname in...
CVE-2026-1723
Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability in TOTOLINK X6000R allows OS Command Injection.This issue affects X6000R: through V9.4.0cu.1498B20250826...
CVE-2025-11005
Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability in TOTOLINK X6000R allows OS Command Injection.This issue affects X6000R: through V9.4.0cu.1458B20250708...
CVE-2025-52906
Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability in TOTOLINK X6000R allows OS Command Injection.This issue affects X6000R: through V9.4.0cu.1360B20241207...
CVE-2025-52905
Improper Input Validation vulnerability in TOTOLINK X6000R allows Flooding.This issue affects X6000R: through V9.4.0cu.1360B20241207...
CVE-2025-52053
TOTOLINK X6000R V9.4.0cu.1360B20241207 was found to contain a command injection vulnerability in the sub417D74 function via the filename parameter. This vulnerability allows unauthenticated attackers to execute arbitrary commands via a crafted request...
CVE-2023-48799
TOTOLINK-X6000R Firmware-V9.4.0cu.852B20230719 is vulnerable to Command Execution...
CVE-2023-48801
In TOTOLINK X6000RFirmware V9.4.0cu.852B20230719, the shttpd file sub415534 function obtains fields from the front-end, connects them through the snprintf function, and passes them to the CsteSystem function, resulting in a command execution vulnerability...
PT-2023-30280 · Totolink · Totolink X6000R
Name of the Vulnerable Software and Affected Versions: TOTOLINK X6000R version 9.4.0cu.852 B20230719 Description: A command injection issue was found via the enable parameter in the setLedCfg function. This allows for potential command injection attacks. Recommendations: For TOTOLINK X6000R versi...
CVE-2023-46417
TOTOLINK X6000R v9.4.0cu.652B20230116 was discovered to contain a remote command execution RCE vulnerability via the sub415498 function...
CVE-2023-46411
TOTOLINK X6000R v9.4.0cu.652B20230116 was discovered to contain a command execution vulnerability via the sub415258 function...
CVE-2023-46424
TOTOLINK X6000R v9.4.0cu.652B20230116 was discovered to contain a remote command execution RCE vulnerability via the sub422BD4 function...
TOTOLINK X6000R Command Injection Vulnerability
The TOTOLINK X6000R is a wireless router from China's Gion Electronics TOTOLINK. A security vulnerability exists in the TOTOLINK X6000R v9.4.0cu.652B20230116 version that stems from a remote command execution vulnerability in the method in the sub417094 location...
TOTOLINK X6000R Command Injection Vulnerability
The TOTOLINK X6000R is a wireless router from China's Gion Electronics TOTOLINK. A security vulnerability exists in the TOTOLINK X6000R v9.4.0cu.652B20230116 version that stems from a command execution vulnerability in the method in the sub41CC04 location...