X18 Firmware Security Vulnerabilities and Issues — X18 Firmware CVE List

Lucene search

TotolinkX18 Firmware

5 matches found

CVE•added 2025/03/02 7:15 p.m.•73 views

CVE-2025-1829

A vulnerability was found in TOTOLINK X18 9.1.0cu.2024_B20220329. It has been declared as critical. This vulnerability affects the function setMtknatCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument mtkhnatEnable leads to os command injection. The attack can be initiated remote...

8.8CVSS7.3AI score0.01328EPSS

CVE•added 2025/02/16 2:15 p.m.•59 views

CVE-2025-1340

A vulnerability classified as critical has been found in TOTOLINK X18 9.1.0cu.2024_B20220329. Affected is the function setPasswordCfg of the file /cgi-bin/cstecgi.cgi. The manipulation as part of String leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit ...

9CVSS7AI score0.00104EPSS

CVE•added 2025/02/16 12:15 p.m.•46 views

CVE-2025-1339

A vulnerability was found in TOTOLINK X18 9.1.0cu.2024_B20220329. It has been rated as critical. This issue affects the function setL2tpdConfig of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument enable leads to os command injection. The attack may be initiated remotely. The exploit ...

8.8CVSS6.9AI score0.00093EPSS

CVE•added 2025/04/18 3:15 p.m.•44 views

CVE-2025-29209

TOTOLINK X18 v9.1.0cu.2024_B20220329 has an unauthorized arbitrary command execution in the enable parameter' of the sub_41105C function of cstecgi .cgi.

9.8CVSS7.3AI score0.0073EPSS

CVE•added 2025/04/03 8:15 p.m.•42 views

CVE-2025-29064

An issue in TOTOLINK x18 v.9.1.0cu.2024_B20220329 allows a remote attacker to execute arbitrary code via the sub_410E54 function of the cstecgi.cgi.

9.8CVSS8.1AI score0.01776EPSS