Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

22 matches found

OSV
OSVadded 2025/03/17 9:15 a.m.0 views

CVE-2025-2370

A vulnerability was found in TOTOLINK EX1800T up to 9.1.0cu.2112B20220316. It has been declared as critical. Affected by this vulnerability is the function setWiFiExtenderConfig of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument apcliSsid leads to stack-based buffer overflow. The...

9.8CVSS6.4AI score
Exploits0References5
CNNVD
CNNVDadded 2025/03/17 12:0 a.m.1 views

TOTOLINK EX1800T 安全漏洞

The TOTOLINK EX1800T is a Wi-Fi range extender from China's Gion Electronics TOTOLINK. The TOTOLINK EX1800T suffers from a buffer overflow vulnerability that originates from the setWiFiExtenderConfig function failing to correctly validate the length and size of the input data, which can be...

9.8CVSS8.1AI score0.00389EPSS
Exploits1References6
NVD
NVDadded 2024/04/18 5:15 p.m.7 views

CVE-2024-32326

TOTOLINK EX200 V4.0.3c.7646B20201211 contains a Cross-site scripting XSS vulnerability through the key parameter in the setWiFiExtenderConfig function...

6.8CVSS5.8AI score0.00167EPSS
Exploits1References2
NVD
NVDadded 2024/04/18 5:15 p.m.12 views

CVE-2024-32325

TOTOLINK EX200 V4.0.3c.7646B20201211 contains a Cross-site scripting XSS vulnerability through the ssid parameter in the setWiFiExtenderConfig function...

2.4CVSS5.8AI score0.00113EPSS
Exploits1References2
Positive Technologies
Positive Technologiesadded 2024/04/18 12:0 a.m.1 views

PT-2024-3093 · Totolink · Totolink Ex200

Name of the Vulnerable Software and Affected Versions: TOTOLINK EX200 version 4.0.3c.7646 B20201211 Description: The issue is related to a Cross-site scripting XSS vulnerability. This vulnerability exists due to inadequate protection of the web page structure in the setWiFiExtenderConfig function...

5CVSS5.9AI score0.00113EPSS
Exploits1References7
Vulnrichment
Vulnrichmentadded 2024/04/18 12:0 a.m.8 views

CVE-2024-32326

TOTOLINK EX200 V4.0.3c.7646B20201211 contains a Cross-site scripting XSS vulnerability through the key parameter in the setWiFiExtenderConfig function...

6AI score0.00167EPSS
Exploits1References2
Vulnrichment
Vulnrichmentadded 2024/04/18 12:0 a.m.10 views

CVE-2024-32325

TOTOLINK EX200 V4.0.3c.7646B20201211 contains a Cross-site scripting XSS vulnerability through the ssid parameter in the setWiFiExtenderConfig function...

6AI score0.00113EPSS
Exploits1References2
CVE
CVEadded 2024/04/18 12:0 a.m.49 views

CVE-2024-32326

The CVE-2024-32326 entry concerns TOTOLINK EX200 firmware version V4.0.3c.7646_B20201211, which is reported to have a Cross-site Scripting (XSS) vulnerability via the key parameter in the setWiFiExtenderConfig function. The vulnerability is mapped in multiple sources (NVD/NIST CVE entry, Red Hat ...

6.8CVSS6AI score0.00167EPSS
Exploits1References2Affected Software1
Cvelist
Cvelistadded 2024/04/18 12:0 a.m.13 views

CVE-2024-32325

TOTOLINK EX200 V4.0.3c.7646B20201211 contains a Cross-site scripting XSS vulnerability through the ssid parameter in the setWiFiExtenderConfig function...

6AI score0.00113EPSS
Exploits1References2
Cvelist
Cvelistadded 2024/04/18 12:0 a.m.12 views

CVE-2024-32326

TOTOLINK EX200 V4.0.3c.7646B20201211 contains a Cross-site scripting XSS vulnerability through the key parameter in the setWiFiExtenderConfig function...

6AI score0.00167EPSS
Exploits1References2
CVE
CVEadded 2024/04/18 12:0 a.m.49 views

CVE-2024-32325

TOTOLINK EX200 with firmware v4.0.3c.7646_B20201211 exposes an XSS in the setWiFiExtenderConfig function via the ssid parameter. Root cause appears to be lack of proper input filtering/escaping in the web UI. Impact is Cross-site Scripting on the device management context; no exploitation details...

2.4CVSS6AI score0.00113EPSS
Exploits1References2Affected Software1
CNVD
CNVDadded 2024/01/03 12:0 a.m.7 views

TOTOLINK EX1800T setWiFiExtenderConfig Interface Command Execution Vulnerability

The TOTOLINK EX1800T is a Wi-Fi range extender from China's Gion Electronics TOTOLINK. A command execution vulnerability exists in the TOTOLINK EX1800T setWiFiExtenderConfig interface, which originates from the failure of the key5g parameter of the cstecgi .cgi's setWiFiExtenderConfig interface t...

9.8CVSS7.8AI score0.00294EPSS
Exploits1References1
NVD
NVDadded 2023/12/22 7:15 p.m.17 views

CVE-2023-51019

TOTOlink EX1800T v9.1.0cu.2112B20220316 is vulnerable to unauthorized arbitrary command execution in the ‘key5g’ parameter of the setWiFiExtenderConfig interface of the cstecgi .cgi...

9.8CVSS0.00294EPSS
Exploits1References1
OSV
OSVadded 2023/12/22 7:15 p.m.0 views

CVE-2023-51019

TOTOlink EX1800T v9.1.0cu.2112B20220316 is vulnerable to unauthorized arbitrary command execution in the ‘key5g’ parameter of the setWiFiExtenderConfig interface of the cstecgi .cgi...

9.8CVSS6AI score
Exploits0References1
Prion
Prionadded 2023/12/22 7:15 p.m.12 views

Command injection

TOTOlink EX1800T v9.1.0cu.2112B20220316 is vulnerable to unauthorized arbitrary command execution in the ‘key5g’ parameter of the setWiFiExtenderConfig interface of the cstecgi .cgi...

7.5CVSS7.4AI score0.00294EPSS
Exploits1References1Affected Software1
ATTACKERKB
ATTACKERKBadded 2023/12/22 6:15 p.m.0 views

CVE-2023-51028

TOTOLINK EX1800T 9.1.0cu.2112B20220316 is vulnerable to unauthorized arbitrary command execution in the apcliChannel parameter of the setWiFiExtenderConfig interface of the cstecgi.cgi...

9.8CVSS6.1AI score0.0031EPSS
Exploits1References2
OSV
OSVadded 2023/12/22 6:15 p.m.0 views

CVE-2023-51027

TOTOlink EX1800T V9.1.0cu.2112B20220316 is vulnerable to unauthorized arbitrary command execution in the ‘apcliAuthMode’ parameter of the setWiFiExtenderConfig interface of the cstecgi .cgi...

9.8CVSS6AI score
Exploits0References1
ATTACKERKB
ATTACKERKBadded 2023/12/22 6:15 p.m.0 views

CVE-2023-51027

TOTOlink EX1800T V9.1.0cu.2112B20220316 is vulnerable to unauthorized arbitrary command execution in the ‘apcliAuthMode’ parameter of the setWiFiExtenderConfig interface of the cstecgi .cgi...

9.8CVSS6.1AI score0.00294EPSS
Exploits1References2
Cvelist
Cvelistadded 2023/12/22 12:0 a.m.19 views

CVE-2023-51027

TOTOlink EX1800T V9.1.0cu.2112B20220316 is vulnerable to unauthorized arbitrary command execution in the ‘apcliAuthMode’ parameter of the setWiFiExtenderConfig interface of the cstecgi .cgi...

9.7AI score0.00294EPSS
Exploits1References1
CNNVD
CNNVDadded 2023/12/22 12:0 a.m.2 views

TOTOLINK EX1800T 安全漏洞

The TOTOLINK EX1800T is a Wi-Fi range extender from China's Gion Electronics TOTOLINK. A command execution vulnerability exists in the TOTOLINK EX1800T setWiFiExtenderConfig interface, which originates from the failure of the key5g parameter of the cstecgi .cgi's setWiFiExtenderConfig interface t...

9.8CVSS7.7AI score0.00294EPSS
Exploits1References2
Rows per page
Query Builder