Total
43 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-48812 | 1 Totolink | 2 X6000r, X6000r Firmware | 2023-12-10 | N/A | 9.8 CRITICAL |
| In TOTOLINK X6000R V9.4.0cu.852_B20230719, the shttpd file sub_4119A0 function obtains fields from the front-end through Uci_ Set_ The Str function that when passed to the CsteSystem function creates a command execution vulnerability. | |||||
| CVE-2023-48801 | 1 Totolink | 2 X6000r, X6000r Firmware | 2023-12-10 | N/A | 9.8 CRITICAL |
| In TOTOLINK X6000R_Firmware V9.4.0cu.852_B20230719, the shttpd file sub_415534 function obtains fields from the front-end, connects them through the snprintf function, and passes them to the CsteSystem function, resulting in a command execution vulnerability. | |||||
| CVE-2023-46417 | 1 Totolink | 2 X6000r, X6000r Firmware | 2023-12-10 | N/A | 9.8 CRITICAL |
| TOTOLINK X6000R v9.4.0cu.652_B20230116 was discovered to contain a remote command execution (RCE) vulnerability via the sub_415498 function. | |||||
| CVE-2023-46422 | 1 Totolink | 2 X6000r, X6000r Firmware | 2023-12-10 | N/A | 9.8 CRITICAL |
| TOTOLINK X6000R v9.4.0cu.652_B20230116 was discovered to contain a remote command execution (RCE) vulnerability via the sub_411994 function. | |||||
| CVE-2023-46412 | 1 Totolink | 2 X6000r, X6000r Firmware | 2023-12-10 | N/A | 9.8 CRITICAL |
| TOTOLINK X6000R v9.4.0cu.652_B20230116 was discovered to contain a command execution vulnerability via the sub_41D998 function. | |||||
| CVE-2023-46409 | 1 Totolink | 2 X6000r, X6000r Firmware | 2023-12-10 | N/A | 9.8 CRITICAL |
| TOTOLINK X6000R v9.4.0cu.652_B20230116 was discovered to contain a command execution vulnerability via the sub_ 41CC04 function. | |||||
| CVE-2023-46411 | 1 Totolink | 2 X6000r, X6000r Firmware | 2023-12-10 | N/A | 9.8 CRITICAL |
| TOTOLINK X6000R v9.4.0cu.652_B20230116 was discovered to contain a command execution vulnerability via the sub_415258 function. | |||||
| CVE-2023-46415 | 1 Totolink | 2 X6000r, X6000r Firmware | 2023-12-10 | N/A | 9.8 CRITICAL |
| TOTOLINK X6000R v9.4.0cu.652_B20230116 was discovered to contain a remote command execution (RCE) vulnerability via the sub_41E588 function. | |||||
| CVE-2023-46414 | 1 Totolink | 2 X6000r, X6000r Firmware | 2023-12-10 | N/A | 9.8 CRITICAL |
| TOTOLINK X6000R v9.4.0cu.652_B20230116 was discovered to contain a remote command execution (RCE) vulnerability via the sub_ 41D494 function. | |||||
| CVE-2023-46424 | 1 Totolink | 2 X6000r, X6000r Firmware | 2023-12-10 | N/A | 9.8 CRITICAL |
| TOTOLINK X6000R v9.4.0cu.652_B20230116 was discovered to contain a remote command execution (RCE) vulnerability via the sub_422BD4 function. | |||||
| CVE-2023-46420 | 1 Totolink | 2 X6000r, X6000r Firmware | 2023-12-10 | N/A | 9.8 CRITICAL |
| TOTOLINK X6000R v9.4.0cu.652_B20230116 was discovered to contain a remote command execution (RCE) vulnerability via the sub_41590C function. | |||||
| CVE-2023-46418 | 1 Totolink | 2 X6000r, X6000r Firmware | 2023-12-10 | N/A | 9.8 CRITICAL |
| TOTOLINK X6000R v9.4.0cu.652_B20230116 was discovered to contain a remote command execution (RCE) vulnerability via the sub_412688 function. | |||||
| CVE-2023-46413 | 1 Totolink | 2 X6000r, X6000r Firmware | 2023-12-10 | N/A | 9.8 CRITICAL |
| TOTOLINK X6000R v9.4.0cu.652_B20230116 was discovered to contain a command execution vulnerability via the sub_4155DC function. | |||||
| CVE-2023-46978 | 1 Totolink | 2 X6000r, X6000r Firmware | 2023-12-10 | N/A | 7.5 HIGH |
| TOTOLINK X6000R V9.4.0cu.852_B20230719 is vulnerable to Incorrect Access Control.Attackers can reset login password & WIFI passwords without authentication. | |||||
| CVE-2023-46410 | 1 Totolink | 2 X6000r, X6000r Firmware | 2023-12-10 | N/A | 9.8 CRITICAL |
| TOTOLINK X6000R v9.4.0cu.652_B20230116 was discovered to contain a command execution vulnerability via the sub_ The 416F60 function. | |||||
| CVE-2023-46416 | 1 Totolink | 2 X6000r, X6000r Firmware | 2023-12-10 | N/A | 9.8 CRITICAL |
| TOTOLINK X6000R v9.4.0cu.652_B20230116 was discovered to contain a remote command execution (RCE) vulnerability via the sub_ The 41A414 function. | |||||
| CVE-2023-46408 | 1 Totolink | 2 X6000r, X6000r Firmware | 2023-12-10 | N/A | 9.8 CRITICAL |
| TOTOLINK X6000R v9.4.0cu.652_B20230116 was discovered to contain a command execution vulnerability via the sub_ The 41DD80 function. | |||||
| CVE-2023-46423 | 1 Totolink | 2 X6000r, X6000r Firmware | 2023-12-10 | N/A | 9.8 CRITICAL |
| TOTOLINK X6000R v9.4.0cu.652_B20230116 was discovered to contain a remote command execution (RCE) vulnerability via the sub_417094 function. | |||||
| CVE-2023-46485 | 1 Totolink | 2 X6000r, X6000r Firmware | 2023-12-10 | N/A | 9.8 CRITICAL |
| An issue in TOTOlink X6000R V9.4.0cu.852_B20230719 allows a remote attacker to execute arbitrary code via the setTracerouteCfg function of the stecgi.cgi component. | |||||
| CVE-2023-46419 | 1 Totolink | 2 X6000r, X6000r Firmware | 2023-12-10 | N/A | 9.8 CRITICAL |
| TOTOLINK X6000R v9.4.0cu.652_B20230116 was discovered to contain a remote command execution (RCE) vulnerability via the sub_415730 function. | |||||