Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
TotolinkA6000r Firmware

13 matches found

CVE
CVEadded 2025/04/04 2:15 p.m.53 views

CVE-2025-3249

A vulnerability classified as critical was found in TOTOLINK A6000R 1.0.1-B20201211.2000. Affected by this vulnerability is the function apcli_cancel_wps of the file /usr/lib/lua/luci/controller/mtkwifi.lua. The manipulation leads to command injection. The attack can be launched remotely. The explo...

9.8CVSS6.9AI score0.00652EPSS
CVE
CVEadded 2024/07/23 3:15 p.m.50 views

CVE-2024-41319

TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection vulnerability via the cmd parameter in the webcmd function.

9.8CVSS8AI score0.43982EPSS
Web
CVE
CVEadded 2024/07/22 2:15 p.m.42 views

CVE-2024-41316

TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection vulnerability via the ifname parameter in the apcli_cancel_wps function.

9.8CVSS7.8AI score0.01743EPSS
CVE
CVEadded 2024/07/22 2:15 p.m.41 views

CVE-2024-41317

TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection vulnerability via the ifname parameter in the apcli_do_enr_pbc_wps function.

8CVSS7.8AI score0.0045EPSS
CVE
CVEadded 2025/01/10 5:15 p.m.41 views

CVE-2024-57214

TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection vulnerability via the devname parameter in the reset_wifi function.

6.3CVSS8.2AI score0.02523EPSS
CVE
CVEadded 2024/07/22 2:15 p.m.40 views

CVE-2024-41318

TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection vulnerability via the ifname parameter in the apcli_wps_gen_pincode function.

9.8CVSS7.8AI score0.01743EPSS
CVE
CVEadded 2025/01/10 5:15 p.m.40 views

CVE-2024-57213

TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection vulnerability via the newpasswd parameter in the action_passwd function.

6.3CVSS8.2AI score0.02523EPSS
CVE
CVEadded 2024/07/22 2:15 p.m.39 views

CVE-2024-41314

TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection vulnerability via the iface parameter in the vif_disable function.

6.8CVSS7.8AI score0.00172EPSS
CVE
CVEadded 2025/01/10 5:15 p.m.39 views

CVE-2024-57211

TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection vulnerability via the modifyOne parameter in the enable_wsh function.

8CVSS8.2AI score0.0208EPSS
CVE
CVEadded 2025/01/10 5:15 p.m.39 views

CVE-2024-57212

TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection vulnerability via the opmode parameter in the action_reboot function.

5.1CVSS8.2AI score0.02325EPSS
CVE
CVEadded 2024/06/20 5:15 p.m.36 views

CVE-2024-37626

A command injection issue in TOTOLINK A6000R V1.0.1-B20201211.2000 firmware allows a remote attacker to execute arbitrary code via the iface parameter in the vif_enable function.

8.8CVSS8.4AI score0.01689EPSS
CVE
CVEadded 2024/07/22 2:15 p.m.32 views

CVE-2024-41320

TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection vulnerability via the ifname parameter in the get_apcli_conn_info function.

8.8CVSS7.7AI score0.00455EPSS
CVE
CVEadded 2024/07/22 2:15 p.m.31 views

CVE-2024-41315

TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection vulnerability via the ifname parameter in the apcli_do_enr_pin_wps function.

6.8CVSS7.8AI score0.00172EPSS