Lucene search
K

13 matches found

Positive Technologies
Positive Technologies
added 2025/01/10 12:0 a.m.7 views

PT-2025-3412 · Totolink · Totolink X6000R

Name of the Vulnerable Software and Affected Versions: TOTOLINK A6000R version V1.0.1-B20201211.2000 Description: A command injection issue was discovered, affecting the reset wifi function through the devname parameter. This allows for potential exploitation. No information is provided about the...

6.3CVSS7.6AI score0.00675EPSS
Exploits1References4
NVD
NVD
added 2024/07/23 3:15 p.m.26 views

CVE-2024-41319

TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection vulnerability via the cmd parameter in the webcmd function...

9.8CVSS0.05546EPSS
Exploits2References2
Positive Technologies
Positive Technologies
added 2024/07/23 12:0 a.m.4 views

PT-2024-5358 · Totolink · Totolink X6000R

Name of the Vulnerable Software and Affected Versions: TOTOLINK A6000R version V1.0.1-B20201211.2000 Description: The issue is related to the cmd parameter in the webcmd function of the TOTOLINK A6000R router's firmware, which fails to neutralize special elements used in the operating system...

9.8CVSS8.2AI score0.05546EPSS
Exploits2References6
NVD
NVD
added 2024/07/22 2:15 p.m.30 views

CVE-2024-41318

TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection vulnerability via the ifname parameter in the apcliwpsgenpincode function...

9.8CVSS0.02429EPSS
Exploits1References2
NVD
NVD
added 2024/07/22 2:15 p.m.20 views

CVE-2024-41317

TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection vulnerability via the ifname parameter in the apclidoenrpbcwps function...

8CVSS0.02293EPSS
Exploits1References2
NVD
NVD
added 2024/07/22 2:15 p.m.21 views

CVE-2024-41314

TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection vulnerability via the iface parameter in the vifdisable function...

6.8CVSS0.02083EPSS
Exploits1References2
NVD
NVD
added 2024/07/22 2:15 p.m.23 views

CVE-2024-41316

TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection vulnerability via the ifname parameter in the apclicancelwps function...

9.8CVSS0.02469EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2024/07/22 12:0 a.m.5 views

PT-2024-8129 · Totolink · Totolink X6000R

Name of the Vulnerable Software and Affected Versions: TOTOLINK A6000R version V1.0.1-B20201211.2000 Description: The issue is related to the apcli cancel wps function in the TOTOLINK A6000R router's firmware, which fails to neutralize special elements used in an operating system command. This ca...

10CVSS8.2AI score0.02469EPSS
Exploits1References6
Cvelist
Cvelist
added 2024/07/22 12:0 a.m.21 views

CVE-2024-41316

TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection vulnerability via the ifname parameter in the apclicancelwps function...

0.02469EPSS
Exploits1References2
Cvelist
Cvelist
added 2024/07/22 12:0 a.m.20 views

CVE-2024-41317

TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection vulnerability via the ifname parameter in the apclidoenrpbcwps function...

0.02293EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2024/07/22 12:0 a.m.17 views

CVE-2024-41314

TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection vulnerability via the iface parameter in the vifdisable function...

8AI score0.02083EPSS
Exploits1References2
CVE
CVE
added 2024/07/22 12:0 a.m.48 views

CVE-2024-41315

CVE-2024-41315 affects TOTOLINK A6000R (v1.0.1-B20201211.2000). A command‑injection vulnerability exists in the function handle path apcli_do_enr_pin_wps via the ifname parameter. Public sources describe that an attacker can exploit this to achieve arbitrary command execution. Several connected r...

6.8CVSS7.8AI score0.02118EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2024/06/20 12:0 a.m.47 views

CVE-2024-37626

CVE-2024-37626 affects TOTOLINK A6000R, firmware version V1.0.1-B20201211.2000 . The issue is a command-injection vulnerability in the iface parameter of the vif_enable function, allowing a remote attacker to execute arbitrary code. CVSSv3.1 base score is 8.8 (HIGH) with adjacent attack vector, n...

8.8CVSS8.4AI score0.01487EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder