CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2024-29419

There is a Cross-site scripting (XSS) vulnerability in the Wireless settings under the Easy Setup Page of TOTOLINK X2000R before v1.0.0-B20231213.1013.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 18.4%

CVSS Severity

CVSS v3 Score 5.4

References

https://github.com/4hsien/CVE-vulns/blob/main/TOTOLINK/X2000R/XSS_6_Wireless_settings/XSS.md
https://www.totolink.net/home/menu/detail/menu_listtpl/products/id/242/ids/33.html
https://github.com/4hsien/CVE-vulns/blob/main/TOTOLINK/X2000R/XSS_6_Wireless_settings/XSS.md
https://www.totolink.net/home/menu/detail/menu_listtpl/products/id/242/ids/33.html

Products affected by CVE-2024-29419

Totolink » X2000r » Version: N/A

cpe:2.3:h:totolink:x2000r:-
Totolink » X2000r Firmware » Version: 1.0.0-b20221212.1452

cpe:2.3:o:totolink:x2000r_firmware:1.0.0-b20221212.1452
Totolink » X2000r Firmware » Version: 1.0.0-b20230221.0948

cpe:2.3:o:totolink:x2000r_firmware:1.0.0-b20230221.0948
Totolink » X2000r Firmware » Version: 1.0.0-b20230221.0948.web

cpe:2.3:o:totolink:x2000r_firmware:1.0.0-b20230221.0948.web

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-29419

Products

Pricing

Contact Us