X5000r Firmware Security Vulnerabilities and Issues — X5000r Firmware CVE List

Lucene search

TotolinkX5000r Firmware

6 matches found

CVE•added 2022/02/04 2:15 a.m.•51 views

CVE-2021-45736

TOTOLINK X5000R v9.1.0u.6118_B20201102 was discovered to contain a stack overflow in the function setL2tpServerCfg. This vulnerability allows attackers to cause a Denial of Service (DoS) via the eip, sip, server parameters.

7.8CVSS7.6AI score0.00407EPSS

CVE•added 2022/02/04 2:15 a.m.•51 views

CVE-2021-45738

TOTOLINK X5000R v9.1.0u.6118_B20201102 was discovered to contain a command injection vulnerability in the function UploadFirmwareFile. This vulnerability allows attackers to execute arbitrary commands via the parameter FileName.

10CVSS10AI score0.2581EPSS

CVE•added 2022/02/04 2:15 a.m.•48 views

CVE-2021-45733

TOTOLINK X5000R v9.1.0u.6118_B20201102 was discovered to contain a command injection vulnerability in the function NTPSyncWithHost. This vulnerability allows attackers to execute arbitrary commands via the parameter host_time.

10CVSS10AI score0.2581EPSS

CVE•added 2022/02/04 2:15 a.m.•47 views

CVE-2021-45734

TOTOLINK X5000R v9.1.0u.6118_B20201102 was discovered to contain a stack overflow in the function setUrlFilterRules. This vulnerability allows attackers to cause a Denial of Service (DoS) via the url parameter.

7.8CVSS7.6AI score0.00433EPSS

CVE•added 2022/02/04 2:15 a.m.•47 views

CVE-2021-45735

TOTOLINK X5000R v9.1.0u.6118_B20201102 was discovered to use the HTTP protocol for authentication into the admin interface, allowing attackers to intercept user credentials via packet capture software.

7.5CVSS7.7AI score0.00248EPSS

CVE•added 2022/02/04 2:15 a.m.•46 views

CVE-2021-45741

TOTOLINK X5000R v9.1.0u.6118_B20201102 was discovered to contain a stack overflow in the function setIpv6Cfg. This vulnerability allows attackers to cause a Denial of Service (DoS) via the relay6to4 parameters.

7.8CVSS7.6AI score0.00529EPSS