Lucene search

Ex1200T Firmware Security Vulnerabilities - CVSS Score 9 - 10

cve

CVE-2021-42872

TOTOLINK EX1200T V4.1.2cu.5215 is affected by a command injection vulnerability that can remotely execute arbitrary code.

9.8CVSS

9.8AI Score

0.037EPSS

2022-06-02 02:15 PM

cve

CVE-2021-42875

TOTOLINK EX1200T V4.1.2cu.5215 contains a remote command injection vulnerability in the function setDiagnosisCfg of the file lib/cste_modules/system.so to control the ipDoamin.

9.8CVSS

9.6AI Score

0.025EPSS

2022-06-02 07:15 PM

cve

CVE-2021-42884

TOTOLINK EX1200T V4.1.2cu.5215 contains a remote command injection vulnerability in function setDeviceName of the file global.so which can control thedeviceName to attack.

9.8CVSS

9.6AI Score

0.003EPSS

2022-06-03 11:15 AM

cve

CVE-2021-42885

TOTOLINK EX1200T V4.1.2cu.5215 contains a remote command injection vulnerability in function setDeviceMac of the file global.so which can control deviceName to attack.

9.8CVSS

9.6AI Score

0.003EPSS

2022-06-03 11:15 AM

cve

CVE-2021-42887

In TOTOLINK EX1200T V4.1.2cu.5215, an attacker can bypass login by sending a specific request through formLoginAuth.htm.

9.8CVSS

9.4AI Score

0.08EPSS

2022-06-03 12:15 PM

cve

CVE-2021-42888

TOTOLINK EX1200T V4.1.2cu.5215 contains a remote command injection vulnerability in function setLanguageCfg of the file global.so which can control langType to attack.

9.8CVSS

9.6AI Score

0.003EPSS

2022-06-03 02:15 PM

cve

CVE-2021-42890

TOTOLINK EX1200T V4.1.2cu.5215 contains a remote command injection vulnerability in function NTPSyncWithHost of the file system.so which can control hostTime to attack.

9.8CVSS

9.6AI Score

0.003EPSS

2022-06-03 03:15 PM

cve

CVE-2023-52032

TOTOlink EX1200T V4.1.2cu.5232_B20210713 was discovered to contain a remote command execution (RCE) vulnerability via the "main" function.

9.8CVSS

9.7AI Score

0.001EPSS

2024-01-11 09:15 AM