Totolink: Security Vulnerabilities
Totolink AC1200 Wireless Dual Band Gigabit Router A3002R_V4 Firmware V4.0.0-B20230531.1404 is vulnerable to a buffer overflow via the formWlEncrypt function of the boa server. Specifically, the length of the wlan_ssid field triggers the overflow.
CVSS Score
7.5
EPSS Score
0.001
Published
2024-05-01
TOTOLINK N300RT V2.1.8-B20201030.1539 contains a Stored Cross-site scripting (XSS) vulnerability in IP/Port Filtering under the Firewall Page.
CVSS Score
6.5
EPSS Score
0.001
Published
2024-04-18
TOTOLINK N300RT V2.1.8-B20201030.1539 contains a Stored Cross-site scripting (XSS) vulnerability in Access Control under the Wireless Page.
CVSS Score
5.4
EPSS Score
0.002
Published
2024-04-18
TOTOLINK EX200 V4.0.3c.7646_B20201211 contains a Cross-site scripting (XSS) vulnerability through the ssid parameter in the setWiFiExtenderConfig function.
CVSS Score
2.4
EPSS Score
0.001
Published
2024-04-18
TOTOLINK EX200 V4.0.3c.7646_B20201211 contains a Cross-site scripting (XSS) vulnerability through the key parameter in the setWiFiExtenderConfig function.
CVSS Score
6.8
EPSS Score
0.002
Published
2024-04-18
TOTOLINK N300RT V2.1.8-B20201030.1539 contains a Stored Cross-site scripting (XSS) vulnerability in Port Forwarding under the Firewall Page.
CVSS Score
5.5
EPSS Score
0.001
Published
2024-04-18
TOTOLINK N300RT V2.1.8-B20201030.1539 contains a Stored Cross-site scripting (XSS) vulnerability in WDS Settings under the Wireless Page.
CVSS Score
6.1
EPSS Score
0.002
Published
2024-04-18
TOTOLINK N300RT V2.1.8-B20201030.1539 contains a Stored Cross-site scripting (XSS) vulnerability in MAC Filtering under the Firewall Page.
CVSS Score
4.3
EPSS Score
0.001
Published
2024-04-18
TOTOLINK X2000R before V1.0.0-B20231213.1013 contains a Stored Cross-site scripting (XSS) vulnerability in IP/Port Filtering under the Firewall Page.
CVSS Score
5.9
EPSS Score
0.001
Published
2024-04-11
In TOTOLINK EX200 V4.0.3c.7646_B20201211, an attacker can obtain sensitive information without authorization through the function getSysStatusCfg.
CVSS Score
7.5
EPSS Score
0.104
Published
2024-04-08


Shodan ® - All rights reserved