Totolink: >> X6000r Firmware >> 9.4.0cu.852_b20230719 Security Vulnerabilities
An issue in TOTOlink X6000R V9.4.0cu.852_B20230719 allows a remote attacker to execute arbitrary code via the setLedCfg function.
CVSS Score
9.8
EPSS Score
0.046
Published
2023-10-31
An issue in TOTOlink X6000R V9.4.0cu.852_B20230719 allows a remote attacker to execute arbitrary code via the setTracerouteCfg function of the stecgi.cgi component.
CVSS Score
9.8
EPSS Score
0.046
Published
2023-10-31
TOTOLINK X6000R V9.4.0cu.852_B20230719 is vulnerable to Incorrect Access Control.Attackers can reset login password & WIFI passwords without authentication.
CVSS Score
7.5
EPSS Score
0.001
Published
2023-10-31
TOTOLINK X6000R V9.4.0cu.852_B20230719 was discovered to contain a command injection vulnerability via the enable parameter in the setLedCfg function.
CVSS Score
9.8
EPSS Score
0.032
Published
2023-10-31
Page 4