X2000r Firmware Security Vulnerabilities and Issues — X2000r Firmware CVE List

Lucene search

TotolinkX2000r Firmware

10 matches found

CVE•added 2024/01/16 5:15 p.m.•143 views

CVE-2024-0579

A vulnerability classified as critical was found in Totolink X2000R 1.0.0-B20221212.1452. Affected by this vulnerability is the function formMapDelDevice of the file /boafrm/formMapDelDevice. The manipulation of the argument macstr leads to command injection. The attack can be launched remotely. Th...

9.8CVSS8.3AI score0.01382EPSS

CVE•added 2024/05/14 3:37 p.m.•59 views

CVE-2024-33433

Cross Site Scripting vulnerability in TOTOLINK X2000R before v1.0.0-B20231213.1013 allows a remote attacker to execute arbitrary code via the Guest Access Control parameter in the Wireless Page.

4.8CVSS7.3AI score0.00434EPSS

CVE•added 2024/03/15 5:15 p.m.•58 views

CVE-2024-28401

TOTOLINK X2000R before v1.0.0-B20231213.1013 contains a Store Cross-site scripting (XSS) vulnerability in Root Access Control under the Wireless Page.

5.4CVSS6AI score0.00095EPSS

CVE•added 2024/03/20 3:15 p.m.•55 views

CVE-2024-29419

There is a Cross-site scripting (XSS) vulnerability in the Wireless settings under the Easy Setup Page of TOTOLINK X2000R before v1.0.0-B20231213.1013.

5.4CVSS6AI score0.00076EPSS

CVE•added 2024/03/15 4:15 p.m.•54 views

CVE-2024-28403

TOTOLINK X2000R before V1.0.0-B20231213.1013 is vulnerable to Cross Site Scripting (XSS) via the VPN Page.

5.4CVSS6AI score0.001EPSS

CVE•added 2024/03/15 5:15 p.m.•49 views

CVE-2024-28404

TOTOLINK X2000R before V1.0.0-B20231213.1013 contains a Stored Cross-site scripting (XSS) vulnerability in MAC Filtering under the Firewall Page.

8CVSS5.8AI score0.00054EPSS

CVE•added 2024/01/25 4:15 p.m.•43 views

CVE-2024-22529

TOTOLINK X2000R_V2 V2.0.0-B20230727.10434 has a command injection vulnerability in the sub_449040 (handle function of formUploadFile) of /bin/boa.

9.8CVSS9.6AI score0.02742EPSS

CVE•added 2024/01/09 4:15 p.m.•35 views

CVE-2023-7222

A vulnerability was found in Totolink X2000R 1.0.0-B20221212.1452. It has been declared as critical. This vulnerability affects the function formTmultiAP of the file /bin/boa of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. The attack...

9.8CVSS9.5AI score0.00192EPSS

CVE•added 2024/01/07 7:15 a.m.•33 views

CVE-2023-7208

A vulnerability classified as critical was found in Totolink X2000R_V2 2.0.0-B20230727.10434. This vulnerability affects the function formTmultiAP of the file /bin/boa. The manipulation leads to buffer overflow. VDB-249742 is the identifier assigned to this vulnerability. NOTE: The vendor was conta...

9.8CVSS9.4AI score0.00661EPSS

CVE•added 2024/04/11 1:25 a.m.•18 views

CVE-2024-28402

TOTOLINK X2000R before V1.0.0-B20231213.1013 contains a Stored Cross-site scripting (XSS) vulnerability in IP/Port Filtering under the Firewall Page.

5.9CVSS5.8AI score0.00082EPSS