Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
TotolinkA6000r Firmware

13 matches found

CVE
CVEadded 2025/04/04 2:15 p.m.52 views

CVE-2025-3249

A vulnerability classified as critical was found in TOTOLINK A6000R 1.0.1-B20201211.2000. Affected by this vulnerability is the function apcli_cancel_wps of the file /usr/lib/lua/luci/controller/mtkwifi.lua. The manipulation leads to command injection. The attack can be launched remotely. The explo...

9.8CVSS6.9AI score0.01249EPSS
CVE
CVEadded 2024/07/23 3:15 p.m.47 views

CVE-2024-41319

TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection vulnerability via the cmd parameter in the webcmd function.

9.8CVSS8AI score0.59691EPSS
CVE
CVEadded 2024/07/22 2:15 p.m.40 views

CVE-2024-41316

TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection vulnerability via the ifname parameter in the apcli_cancel_wps function.

9.8CVSS7.8AI score0.12775EPSS
CVE
CVEadded 2024/07/22 2:15 p.m.40 views

CVE-2024-41317

TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection vulnerability via the ifname parameter in the apcli_do_enr_pbc_wps function.

8CVSS7.8AI score0.02347EPSS
CVE
CVEadded 2025/01/10 5:15 p.m.40 views

CVE-2024-57214

TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection vulnerability via the devname parameter in the reset_wifi function.

6.3CVSS8.2AI score0.02271EPSS
CVE
CVEadded 2024/07/22 2:15 p.m.39 views

CVE-2024-41318

TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection vulnerability via the ifname parameter in the apcli_wps_gen_pincode function.

9.8CVSS7.8AI score0.16412EPSS
CVE
CVEadded 2025/01/10 5:15 p.m.39 views

CVE-2024-57213

TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection vulnerability via the newpasswd parameter in the action_passwd function.

6.3CVSS8.2AI score0.02271EPSS
CVE
CVEadded 2024/07/22 2:15 p.m.38 views

CVE-2024-41314

TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection vulnerability via the iface parameter in the vif_disable function.

6.8CVSS7.8AI score0.01694EPSS
CVE
CVEadded 2025/01/10 5:15 p.m.38 views

CVE-2024-57212

TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection vulnerability via the opmode parameter in the action_reboot function.

5.1CVSS8.2AI score0.02281EPSS
CVE
CVEadded 2025/01/10 5:15 p.m.36 views

CVE-2024-57211

TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection vulnerability via the modifyOne parameter in the enable_wsh function.

8CVSS8.2AI score0.01262EPSS
CVE
CVEadded 2024/06/20 5:15 p.m.35 views

CVE-2024-37626

A command injection issue in TOTOLINK A6000R V1.0.1-B20201211.2000 firmware allows a remote attacker to execute arbitrary code via the iface parameter in the vif_enable function.

8.8CVSS8.4AI score0.02044EPSS
CVE
CVEadded 2024/07/22 2:15 p.m.31 views

CVE-2024-41320

TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection vulnerability via the ifname parameter in the get_apcli_conn_info function.

8.8CVSS7.7AI score0.03225EPSS
CVE
CVEadded 2024/07/22 2:15 p.m.30 views

CVE-2024-41315

TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection vulnerability via the ifname parameter in the apcli_do_enr_pin_wps function.

6.8CVSS7.8AI score0.01694EPSS