Cp300+ Firmware Security Vulnerabilities and Issues — Cp300+ Firmware CVE List

Lucene search

TotolinkCp300+ Firmware

6 matches found

CVE•added 2023/05/16 3:15 p.m.•47 views

CVE-2023-31856

A command injection vulnerability in the hostTime parameter in the function NTPSyncWithHostof TOTOLINK CP300+ V5.2cu.7594_B20200910 allows attackers to execute arbitrary commands via a crafted http packet.

9.8CVSS9.7AI score0.01793EPSS

CVE•added 2023/10/16 6:15 a.m.•39 views

CVE-2023-36954

TOTOLINK CP300+ V5.2cu.7594_B20200910 and before is vulnerable to command injection.

9.8CVSS9.6AI score0.02985EPSS

CVE•added 2023/07/17 5:15 p.m.•31 views

CVE-2023-34669

TOTOLINK CP300+ V5.2cu.7594 contains a Denial of Service vulnerability in function RebootSystem of the file lib/cste_modules/system which can reboot the system.

7.5CVSS7.5AI score0.00079EPSS

CVE•added 2023/10/16 6:15 a.m.•28 views

CVE-2023-36953

TOTOLINK CP300+ V5.2cu.7594_B20200910 and before is vulnerable to command injection.

9.8CVSS9.6AI score0.02985EPSS

CVE•added 2023/10/16 5:15 a.m.•26 views

CVE-2023-36952

TOTOLINK CP300+ V5.2cu.7594_B20200910 was discovered to contain a stack overflow via the pingIp parameter in the function setDiagnosisCfg.

9.8CVSS9.6AI score0.0021EPSS

CVE•added 2023/10/16 6:15 a.m.•24 views

CVE-2023-36955

TOTOLINK CP300+

9.8CVSS9.6AI score0.0021EPSS