CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2024-33433

Cross Site Scripting vulnerability in TOTOLINK X2000R before v1.0.0-B20231213.1013 allows a remote attacker to execute arbitrary code via the Guest Access Control parameter in the Wireless Page.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 12.9%

CVSS Severity

CVSS v3 Score 4.8

References

https://github.com/4hsien/CVE-vulns/blob/main/TOTOLINK/X2000R/XSS_2_Guest_Access_Control/README.md
https://github.com/4hsien/CVE-vulns/blob/main/TOTOLINK/X2000R/XSS_2_Guest_Access_Control/README.md

Products affected by CVE-2024-33433

Totolink » X2000r » Version: N/A

cpe:2.3:h:totolink:x2000r:-
Totolink » X2000r Firmware » Version: 1.0.0-b20221212.1452

cpe:2.3:o:totolink:x2000r_firmware:1.0.0-b20221212.1452
Totolink » X2000r Firmware » Version: 1.0.0-b20230221.0948

cpe:2.3:o:totolink:x2000r_firmware:1.0.0-b20230221.0948
Totolink » X2000r Firmware » Version: 1.0.0-b20230221.0948.web

cpe:2.3:o:totolink:x2000r_firmware:1.0.0-b20230221.0948.web

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-33433

Products

Pricing

Contact Us