Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
TotolinkX5000r Firmware

25 matches found

CVE
CVEadded 2025/01/15 5:15 p.m.72 views

CVE-2024-57011

TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain an OS command injection vulnerability via the "minute" parameters in setScheduleCfg.

8.8CVSS7.7AI score0.01137EPSS
CVE
CVEadded 2025/01/15 5:15 p.m.70 views

CVE-2024-57012

TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain an OS command injection vulnerability via the "week" parameter in setScheduleCfg.

8.8CVSS7.7AI score0.03569EPSS
CVE
CVEadded 2025/01/15 5:15 p.m.69 views

CVE-2024-57013

TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain an OS command injection vulnerability via the "switch" parameter in setScheduleCfg.

8.8CVSS7.7AI score0.03569EPSS
CVE
CVEadded 2025/01/15 5:15 p.m.69 views

CVE-2024-57015

TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain an OS command injection vulnerability via the "hour" parameter in setScheduleCfg.

8.8CVSS7.7AI score0.03569EPSS
CVE
CVEadded 2025/01/15 5:15 p.m.67 views

CVE-2024-57022

TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain an OS command injection vulnerability via the "sHour" parameter in setWiFiScheduleCfg.

8.8CVSS7.7AI score0.03569EPSS
CVE
CVEadded 2025/01/15 5:15 p.m.66 views

CVE-2024-57017

TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain an OS command injection vulnerability via the "pass" parameter in setVpnAccountCfg.

8.8CVSS8AI score0.03569EPSS
CVE
CVEadded 2024/05/14 4:17 p.m.65 views

CVE-2024-32350

TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain an authenticated remote command execution (RCE) vulnerability via the "ipsecPsk" parameter in the "cstecgi.cgi" binary.

8.8CVSS7.5AI score0.04621EPSS
CVE
CVEadded 2025/01/15 5:15 p.m.65 views

CVE-2024-57014

TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain an OS command injection vulnerability via the "recHour" parameter in setScheduleCfg.

8.8CVSS7.7AI score0.02466EPSS
CVE
CVEadded 2025/01/15 5:15 p.m.65 views

CVE-2024-57016

TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain an OS command injection vulnerability via the "user" parameter in setVpnAccountCfg.

8.8CVSS8AI score0.03569EPSS
CVE
CVEadded 2025/01/15 5:15 p.m.64 views

CVE-2024-57018

TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain an OS command injection vulnerability via the "desc" parameter in setVpnAccountCfg.

8.8CVSS8AI score0.03569EPSS
CVE
CVEadded 2025/01/15 5:15 p.m.64 views

CVE-2024-57019

TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain an OS command injection vulnerability via the "limit" parameter in setVpnAccountCfg.

8.8CVSS8AI score0.03569EPSS
CVE
CVEadded 2025/01/15 5:15 p.m.64 views

CVE-2024-57021

TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain an OS command injection vulnerability via the "eHour" parameter in setWiFiScheduleCfg.

8.8CVSS7.7AI score0.03569EPSS
CVE
CVEadded 2024/05/14 4:17 p.m.62 views

CVE-2024-32351

TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain an authenticated remote command execution (RCE) vulnerability via the "mru" parameter in the "cstecgi.cgi" binary.

8.8CVSS7.5AI score0.04621EPSS
CVE
CVEadded 2024/05/14 4:17 p.m.62 views

CVE-2024-32352

TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain an authenticated remote command execution (RCE) vulnerability via the "ipsecL2tpEnable" parameter in the "cstecgi.cgi" binary.

8.8CVSS7.5AI score0.04621EPSS
CVE
CVEadded 2025/01/15 5:15 p.m.61 views

CVE-2024-57020

TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain an OS command injection vulnerability via the "sMinute" parameter in setWiFiScheduleCfg.

8.8CVSS7.7AI score0.03569EPSS
CVE
CVEadded 2024/08/13 2:15 p.m.57 views

CVE-2024-42739

In TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command injection vulnerability in setAccessDeviceCfg. Authenticated Attackers can send malicious packet to execute arbitrary commands.

8.8CVSS8.1AI score0.12763EPSS
CVE
CVEadded 2023/05/31 1:15 p.m.53 views

CVE-2023-33485

TOTOLINK X5000R V9.1.0u.6118_B20201102 and V9.1.0u.6369_B20230113 contains a post-authentication buffer overflow via parameter sPort/ePort in the addEffect function.

8.8CVSS8.8AI score0.00342EPSS
CVE
CVEadded 2024/08/12 8:15 p.m.53 views

CVE-2024-42741

In TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command injection vulnerability in setL2tpServerCfg. Authenticated Attackers can send malicious packet to execute arbitrary commands.

8.8CVSS7.7AI score0.09023EPSS
CVE
CVEadded 2024/08/13 2:15 p.m.49 views

CVE-2024-42738

In TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command injection vulnerability in setDmzCfg. Authenticated Attackers can send malicious packet to execute arbitrary commands.

8.8CVSS8.3AI score0.16398EPSS
CVE
CVEadded 2024/08/12 8:15 p.m.49 views

CVE-2024-42742

In TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command injection vulnerability in setUrlFilterRules. Authenticated Attackers can send malicious packet to execute arbitrary commands.

8.8CVSS7.7AI score0.12763EPSS
CVE
CVEadded 2024/08/12 8:15 p.m.48 views

CVE-2024-42743

In TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command injection vulnerability in setSyslogCfg . Authenticated Attackers can send malicious packet to execute arbitrary commands.

8.8CVSS7.7AI score0.12763EPSS
CVE
CVEadded 2024/05/14 4:17 p.m.47 views

CVE-2024-32355

TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain a command injection vulnerability via the 'password' parameter in the setSSServer function.

8CVSS7.9AI score0.00844EPSS
CVE
CVEadded 2024/08/12 8:15 p.m.47 views

CVE-2024-42747

In TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command injection vulnerability in setWanIeCfg. Authenticated Attackers can send malicious packet to execute arbitrary commands.

8.8CVSS8.1AI score0.02083EPSS
CVE
CVEadded 2024/08/12 8:15 p.m.46 views

CVE-2024-42744

In TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command injection vulnerability in setModifyVpnUser. Authenticated Attackers can send malicious packet to execute arbitrary commands.

8.8CVSS7.7AI score0.12763EPSS
CVE
CVEadded 2024/05/14 3:39 p.m.41 views

CVE-2024-34921

TOTOLINK X5000R v9.1.0cu.2350_B20230313 was discovered to contain a command injection via the disconnectVPN function.

8.8CVSS7.9AI score0.01781EPSS