Totolink: Security Vulnerabilities
TOTOLINK CPE CP450 v4.1.0cu.747_B20191224 was discovered to contain a stack buffer overflow vulnerability in the setIpQosRules function.
CVSS Score: 8.8
EPSS Score: 0.002
Published: 2024-05-14
TOTOLINK CP450 v4.1.0cu.747_B20191224 was discovered to contain a stack buffer overflow vulnerability in the getSaveConfig function.
CVSS Score: 7.3
EPSS Score: 0.004
Published: 2024-05-14
TOTOLINK CP450 v4.1.0cu.747_B20191224 was discovered to contain a stack buffer overflow vulnerability in the setMacFilterRules function.
CVSS Score: 6.5
EPSS Score: 0.004
Published: 2024-05-14
TOTOLINK CP450 v4.1.0cu.747_B20191224 was discovered to contain a stack buffer overflow vulnerability in the setLanguageCfg function.
CVSS Score: 3.8
EPSS Score: 0.004
Published: 2024-05-14
TOTOLINK outdoor CPE CP450 v4.1.0cu.747_B20191224 was discovered to contain a command injection vulnerability in the setUpgradeFW function via the FileName parameter.
CVSS Score: 9.8
EPSS Score: 0.06
Published: 2024-05-14
TOTOLINK CP450 v4.1.0cu.747_B20191224 was discovered to contain a command injection vulnerability in the download_firmware function.
CVSS Score: 7.3
EPSS Score: 0.062
Published: 2024-05-14
Totolink AC1200 Wireless Dual Band Gigabit Router A3002RU_V3 Firmware V3.0.0-B20230809.1615 is vulnerable to Buffer Overflow. The "boa" program allows attackers to modify the value of the "vwlan_idx" field via "formMultiAP". This can lead to a stack overflow through the "formWlEncrypt" CGI function by constructing malicious HTTP requests and passing a WLAN SSID value exceeding the expected length, potentially resulting in command execution or denial of service attacks.
CVSS Score: 8.8
EPSS Score: 0.001
Published: 2024-05-14
Cross-Site Scripting vulnerability in TOTOLINK X2000R before v1.0.0-B20231213.1013 allows a remote attacker to execute arbitrary code via the Guest Access Control parameter in the Wireless Page.
CVSS Score: 4.8
EPSS Score: 0.004
Published: 2024-05-14
TOTOLINK EX200 V4.0.3c.7646_B20201211 was discovered to contain a hardcoded password for root at /etc/shadow.sample.
CVSS Score: 9.8
EPSS Score: 0.004
Published: 2024-05-14
TOTOLINK EX1800T V9.1.0cu.2112_B20220316 has a vulnerability in the apcliEncrypType parameter that allows unauthorized execution of arbitrary commands, allowing an attacker to obtain device administrator privileges.
CVSS Score: 9.8
EPSS Score: 0.873
Published: 2024-05-08