Totolink: >> X5000r Firmware >> 9.1.0cu.2350_b20230313 Security Vulnerabilities
TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain a command injection vulnerability via the 'password' parameter in the setSSServer function.
CVSS Score
8.0
EPSS Score
0.008
Published
2024-05-14
TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain an authenticated remote command execution (RCE) vulnerability via the "mtu" parameters in the "cstecgi.cgi" binary.
CVSS Score
6.0
EPSS Score
0.009
Published
2024-05-14
TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain an authenticated remote command execution (RCE) vulnerability via the "ipsecPsk" parameter in the "cstecgi.cgi" binary.
CVSS Score
8.8
EPSS Score
0.046
Published
2024-05-14
TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain an authenticated remote command execution (RCE) vulnerability via the "mru" parameter in the "cstecgi.cgi" binary.
CVSS Score
8.8
EPSS Score
0.046
Published
2024-05-14
TOTOLINK X5000R v9.1.0cu.2350_B20230313 was discovered to contain a command injection via the disconnectVPN function.
CVSS Score
8.8
EPSS Score
0.018
Published
2024-05-14
TOTOLINK X5000R_V9.1.0cu.2089_B20211224 and X5000R_V9.1.0cu.2350_B20230313 were discovered to contain a remote code execution (RCE) vulnerability via the lang parameter in the setLanguageCfg function.
CVSS Score
9.8
EPSS Score
0.084
Published
2023-08-21
TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain a command injection via the setWanCfg function.
CVSS Score
9.8
EPSS Score
0.052
Published
2023-06-06
Page 3