Lucene search

K
TotolinkX2000r Firmware

42 matches found

CVE
CVE
added 2024/01/16 5:15 p.m.144 views

CVE-2024-0579

A vulnerability classified as critical was found in Totolink X2000R 1.0.0-B20221212.1452. Affected by this vulnerability is the function formMapDelDevice of the file /boafrm/formMapDelDevice. The manipulation of the argument macstr leads to command injection. The attack can be launched remotely. Th...

9.8CVSS8.3AI score0.01022EPSS
CVE
CVE
added 2023/10/25 6:17 p.m.69 views

CVE-2023-46554

TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formMapDel.

9.8CVSS9.6AI score0.00388EPSS
CVE
CVE
added 2023/10/25 6:17 p.m.67 views

CVE-2023-46560

TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formTcpipSetup.

9.8CVSS9.6AI score0.0021EPSS
CVE
CVE
added 2023/10/25 6:17 p.m.62 views

CVE-2023-46558

TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formMapDelDevice.

9.8CVSS9.6AI score0.0021EPSS
CVE
CVE
added 2023/10/25 6:17 p.m.62 views

CVE-2023-46564

TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formDMZ.

9.8CVSS9.6AI score0.00388EPSS
CVE
CVE
added 2023/10/25 6:17 p.m.61 views

CVE-2023-46557

TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formMultiAPVLAN.

9.8CVSS9.6AI score0.0021EPSS
CVE
CVE
added 2024/05/14 3:37 p.m.60 views

CVE-2024-33433

Cross Site Scripting vulnerability in TOTOLINK X2000R before v1.0.0-B20231213.1013 allows a remote attacker to execute arbitrary code via the Guest Access Control parameter in the Wireless Page.

4.8CVSS7.3AI score0.00434EPSS
CVE
CVE
added 2023/10/25 6:17 p.m.59 views

CVE-2023-46556

TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formFilter.

9.8CVSS9.6AI score0.0021EPSS
CVE
CVE
added 2024/03/15 5:15 p.m.59 views

CVE-2024-28401

TOTOLINK X2000R before v1.0.0-B20231213.1013 contains a Store Cross-site scripting (XSS) vulnerability in Root Access Control under the Wireless Page.

5.4CVSS6AI score0.00095EPSS
CVE
CVE
added 2023/10/25 6:17 p.m.57 views

CVE-2023-46555

TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formPortFw.

9.8CVSS9.6AI score0.0021EPSS
CVE
CVE
added 2023/10/25 6:17 p.m.56 views

CVE-2023-46559

TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formIPv6Addr.

9.8CVSS9.6AI score0.00388EPSS
CVE
CVE
added 2023/10/25 6:17 p.m.56 views

CVE-2023-46563

TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formIpQoS.

9.8CVSS9.6AI score0.0021EPSS
CVE
CVE
added 2024/03/20 3:15 p.m.56 views

CVE-2024-29419

There is a Cross-site scripting (XSS) vulnerability in the Wireless settings under the Easy Setup Page of TOTOLINK X2000R before v1.0.0-B20231213.1013.

5.4CVSS6AI score0.00103EPSS
CVE
CVE
added 2024/03/15 4:15 p.m.55 views

CVE-2024-28403

TOTOLINK X2000R before V1.0.0-B20231213.1013 is vulnerable to Cross Site Scripting (XSS) via the VPN Page.

5.4CVSS6AI score0.001EPSS
CVE
CVE
added 2024/03/15 5:15 p.m.50 views

CVE-2024-28404

TOTOLINK X2000R before V1.0.0-B20231213.1013 contains a Stored Cross-site scripting (XSS) vulnerability in MAC Filtering under the Firewall Page.

8CVSS5.8AI score0.00054EPSS
CVE
CVE
added 2024/01/25 4:15 p.m.44 views

CVE-2024-22529

TOTOLINK X2000R_V2 V2.0.0-B20230727.10434 has a command injection vulnerability in the sub_449040 (handle function of formUploadFile) of /bin/boa.

9.8CVSS9.6AI score0.02742EPSS
CVE
CVE
added 2023/12/30 4:15 p.m.43 views

CVE-2023-51136

TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formRebootSchedule.

9.8CVSS9.6AI score0.00289EPSS
CVE
CVE
added 2025/06/03 6:15 p.m.42 views

CVE-2025-5516

A vulnerability, which was classified as problematic, was found in TOTOLINK X2000R 1.0.0-B20230726.1108. This affects an unknown part of the file /boafrm/formFilter of the component URL Filtering Page. The manipulation of the argument URL Address leads to cross site scripting. It is possible to ini...

4.8CVSS3.4AI score0.00077EPSS
Web
CVE
CVE
added 2025/06/03 10:15 p.m.42 views

CVE-2025-5542

A vulnerability was found in TOTOLINK X2000R 1.0.0-B20230726.1108. It has been classified as problematic. Affected is an unknown function of the file /boafrm/formPortFw of the component Virtual Server Page. The manipulation of the argument service_type leads to cross site scripting. It is possible ...

4.8CVSS6.4AI score0.00077EPSS
Web
CVE
CVE
added 2023/10/25 6:17 p.m.41 views

CVE-2023-46545

TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formWsc.

9.8CVSS9.6AI score0.00221EPSS
CVE
CVE
added 2023/12/30 4:15 p.m.40 views

CVE-2023-51133

TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formRoute.

9.8CVSS9.6AI score0.00289EPSS
CVE
CVE
added 2025/06/03 11:15 p.m.39 views

CVE-2025-5543

A vulnerability was found in TOTOLINK X2000R 1.0.0-B20230726.1108. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component Parent Controls Page. The manipulation of the argument Device Name leads to cross site scripting. The attack can be lau...

4.8CVSS6.4AI score0.00089EPSS
CVE
CVE
added 2023/12/30 4:15 p.m.38 views

CVE-2023-51135

TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formPasswordSetup.

9.8CVSS9.6AI score0.00289EPSS
CVE
CVE
added 2024/01/09 4:15 p.m.36 views

CVE-2023-7222

A vulnerability was found in Totolink X2000R 1.0.0-B20221212.1452. It has been declared as critical. This vulnerability affects the function formTmultiAP of the file /bin/boa of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. The attack...

9.8CVSS9.5AI score0.00192EPSS
CVE
CVE
added 2025/06/03 3:16 p.m.35 views

CVE-2025-5504

A vulnerability has been found in TOTOLINK X2000R 1.0.0-B20230726.1108 and classified as critical. This vulnerability affects unknown code of the file /boafrm/formWsc. The manipulation of the argument peerRptPin leads to command injection. The attack can be initiated remotely. The exploit has been ...

6.5CVSS6.9AI score0.04883EPSS
Web
CVE
CVE
added 2025/06/03 6:15 p.m.35 views

CVE-2025-5515

A vulnerability, which was classified as critical, has been found in TOTOLINK X2000R 1.0.0-B20230726.1108. Affected by this issue is some unknown functionality of the file /boafrm/formMapDel. The manipulation of the argument devicemac1 leads to command injection. The attack may be launched remotely...

6.5CVSS6.8AI score0.04883EPSS
Web
CVE
CVE
added 2023/10/25 6:17 p.m.34 views

CVE-2023-46544

TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formWirelessTbl.

9.8CVSS9.6AI score0.00388EPSS
CVE
CVE
added 2024/01/07 7:15 a.m.34 views

CVE-2023-7208

A vulnerability classified as critical was found in Totolink X2000R_V2 2.0.0-B20230727.10434. This vulnerability affects the function formTmultiAP of the file /bin/boa. The manipulation leads to buffer overflow. VDB-249742 is the identifier assigned to this vulnerability. NOTE: The vendor was conta...

9.8CVSS9.4AI score0.00661EPSS
CVE
CVE
added 2023/10/25 6:17 p.m.32 views

CVE-2023-46540

TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formNtp.

9.8CVSS9.6AI score0.00244EPSS
CVE
CVE
added 2023/10/25 6:17 p.m.32 views

CVE-2023-46542

TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formMeshUploadConfig.

9.8CVSS9.6AI score0.00244EPSS
CVE
CVE
added 2023/10/25 6:17 p.m.32 views

CVE-2023-46549

TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formSetLg.

9.8CVSS9.6AI score0.00244EPSS
CVE
CVE
added 2023/10/25 6:17 p.m.32 views

CVE-2023-46553

TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formParentControl.

9.8CVSS9.6AI score0.00244EPSS
CVE
CVE
added 2023/10/25 6:17 p.m.31 views

CVE-2023-46550

TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formMapDelDevice.

9.8CVSS9.6AI score0.0021EPSS
CVE
CVE
added 2023/10/25 6:17 p.m.31 views

CVE-2023-46552

TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formMultiAP.

9.8CVSS9.6AI score0.00244EPSS
CVE
CVE
added 2023/10/25 6:17 p.m.29 views

CVE-2023-46543

TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formWlSiteSurvey.

9.8CVSS9.6AI score0.00244EPSS
CVE
CVE
added 2023/10/25 6:17 p.m.29 views

CVE-2023-46547

TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formSysLog.

9.8CVSS9.6AI score0.00244EPSS
CVE
CVE
added 2023/10/25 6:17 p.m.29 views

CVE-2023-46562

TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formDosCfg.

9.8CVSS9.6AI score0.00388EPSS
CVE
CVE
added 2023/10/25 6:17 p.m.27 views

CVE-2023-46541

TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formIpv6Setup.

9.8CVSS9.6AI score0.00244EPSS
CVE
CVE
added 2023/10/25 6:17 p.m.27 views

CVE-2023-46546

TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formStats.

9.8CVSS9.6AI score0.00221EPSS
CVE
CVE
added 2023/10/25 6:17 p.m.26 views

CVE-2023-46548

TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formWlanRedirect.

9.8CVSS9.6AI score0.00244EPSS
CVE
CVE
added 2023/10/25 6:17 p.m.26 views

CVE-2023-46551

TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formReflashClientTbl.

9.8CVSS9.6AI score0.00244EPSS
CVE
CVE
added 2024/04/11 1:25 a.m.19 views

CVE-2024-28402

TOTOLINK X2000R before V1.0.0-B20231213.1013 contains a Stored Cross-site scripting (XSS) vulnerability in IP/Port Filtering under the Firewall Page.

5.9CVSS5.8AI score0.00112EPSS