13 matches found
PT-2025-3412 · Totolink · Totolink X6000R
Name of the Vulnerable Software and Affected Versions: TOTOLINK A6000R version V1.0.1-B20201211.2000 Description: A command injection issue was discovered, affecting the reset wifi function through the devname parameter. This allows for potential exploitation. No information is provided about the...
CVE-2024-41319
TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection vulnerability via the cmd parameter in the webcmd function...
PT-2024-5358 · Totolink · Totolink X6000R
Name of the Vulnerable Software and Affected Versions: TOTOLINK A6000R version V1.0.1-B20201211.2000 Description: The issue is related to the cmd parameter in the webcmd function of the TOTOLINK A6000R router's firmware, which fails to neutralize special elements used in the operating system...
CVE-2024-41318
TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection vulnerability via the ifname parameter in the apcliwpsgenpincode function...
CVE-2024-41317
TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection vulnerability via the ifname parameter in the apclidoenrpbcwps function...
CVE-2024-41314
TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection vulnerability via the iface parameter in the vifdisable function...
CVE-2024-41316
TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection vulnerability via the ifname parameter in the apclicancelwps function...
PT-2024-8129 · Totolink · Totolink X6000R
Name of the Vulnerable Software and Affected Versions: TOTOLINK A6000R version V1.0.1-B20201211.2000 Description: The issue is related to the apcli cancel wps function in the TOTOLINK A6000R router's firmware, which fails to neutralize special elements used in an operating system command. This ca...
CVE-2024-41316
TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection vulnerability via the ifname parameter in the apclicancelwps function...
CVE-2024-41317
TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection vulnerability via the ifname parameter in the apclidoenrpbcwps function...
CVE-2024-41314
TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection vulnerability via the iface parameter in the vifdisable function...
CVE-2024-41315
CVE-2024-41315 affects TOTOLINK A6000R (v1.0.1-B20201211.2000). A command‑injection vulnerability exists in the function handle path apcli_do_enr_pin_wps via the ifname parameter. Public sources describe that an attacker can exploit this to achieve arbitrary command execution. Several connected r...
CVE-2024-37626
CVE-2024-37626 affects TOTOLINK A6000R, firmware version V1.0.1-B20201211.2000 . The issue is a command-injection vulnerability in the iface parameter of the vif_enable function, allowing a remote attacker to execute arbitrary code. CVSSv3.1 base score is 8.8 (HIGH) with adjacent attack vector, n...