X5000r Firmware Security Vulnerabilities and Issues — X5000r Firmware CVE List

Lucene search

TotolinkX5000r Firmware

12 matches found

CVE•added 2024/08/13 2:15 p.m.•57 views

CVE-2024-42739

In TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command injection vulnerability in setAccessDeviceCfg. Authenticated Attackers can send malicious packet to execute arbitrary commands.

8.8CVSS8.1AI score0.12763EPSS

CVE•added 2024/08/12 8:15 p.m.•53 views

CVE-2024-42741

In TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command injection vulnerability in setL2tpServerCfg. Authenticated Attackers can send malicious packet to execute arbitrary commands.

8.8CVSS7.7AI score0.09023EPSS

CVE•added 2024/08/13 2:15 p.m.•49 views

CVE-2024-42738

In TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command injection vulnerability in setDmzCfg. Authenticated Attackers can send malicious packet to execute arbitrary commands.

8.8CVSS8.3AI score0.16398EPSS

CVE•added 2024/08/12 8:15 p.m.•49 views

CVE-2024-42742

In TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command injection vulnerability in setUrlFilterRules. Authenticated Attackers can send malicious packet to execute arbitrary commands.

8.8CVSS7.7AI score0.12763EPSS

CVE•added 2024/08/12 8:15 p.m.•49 views

CVE-2024-42745

In TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command injection vulnerability in setUPnPCfg. Authenticated Attackers can send malicious packet to execute arbitrary commands.

9.8CVSS7.7AI score0.16059EPSS

CVE•added 2024/08/12 8:15 p.m.•48 views

CVE-2024-42743

In TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command injection vulnerability in setSyslogCfg . Authenticated Attackers can send malicious packet to execute arbitrary commands.

8.8CVSS7.7AI score0.12763EPSS

CVE•added 2024/08/13 2:15 p.m.•47 views

CVE-2024-42737

In TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command injection vulnerability in delBlacklist. Authenticated Attackers can send malicious packet to execute arbitrary commands.

9.8CVSS8.3AI score0.20364EPSS

CVE•added 2024/08/12 8:15 p.m.•47 views

CVE-2024-42747

In TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command injection vulnerability in setWanIeCfg. Authenticated Attackers can send malicious packet to execute arbitrary commands.

8.8CVSS8.1AI score0.02083EPSS

CVE•added 2024/08/12 8:15 p.m.•47 views

CVE-2024-42748

In TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command injection vulnerability in setWiFiWpsCfg. Authenticated Attackers can send malicious packet to execute arbitrary commands.

9.8CVSS8.1AI score0.16059EPSS

CVE•added 2024/08/13 2:15 p.m.•46 views

CVE-2024-42740

In TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command injection vulnerability in setLedCfg. Authenticated Attackers can send malicious packet to execute arbitrary commands.

6.8CVSS7.8AI score0.02183EPSS

CVE•added 2024/08/12 8:15 p.m.•46 views

CVE-2024-42744

In TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command injection vulnerability in setModifyVpnUser. Authenticated Attackers can send malicious packet to execute arbitrary commands.

8.8CVSS7.7AI score0.12763EPSS

CVE•added 2024/08/13 2:15 p.m.•41 views

CVE-2024-42736

In TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command injection vulnerability in addBlacklist. Authenticated Attackers can send malicious packet to execute arbitrary commands.

7.8CVSS8.3AI score0.02154EPSS