Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities
CVE-2025-28039
TOTOLINK EX1200T V4.1.2cu.5232_B20210713 was found to contain a pre-auth remote command execution vulnerability in the setUpgradeFW function through the FileName parameter.
CVSS Score
9.8
EPSS Score
0.029
Published
2025-04-22
CVE-2023-44752
An issue in Student Study Center Desk Management System v1.0 allows attackers to bypass authentication via a crafted GET request to /php-sscdms/admin/login.php.
CVSS Score
9.8
EPSS Score
0.001
Published
2025-04-22
CVE-2023-44753
A stored cross-site scripting (XSS) vulnerability fin Student Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the email parameter on the profile.php page.
CVSS Score
6.1
EPSS Score
0.0
Published
2025-04-22
CVE-2025-28030
TOTOLINK A810R V4.1.2cu.5182_B20201026 was discovered to contain a stack overflow via the startTime and endTime parameters in setParentalRules function.
CVSS Score
8.8
EPSS Score
0.001
Published
2025-04-22
CVE-2025-28031
TOTOLINK A810R V4.1.2cu.5182_B20201026 was discovered to contain a hardcoded password for the telnet service in product.ini.
CVSS Score
6.5
EPSS Score
0.002
Published
2025-04-22
CVE-2025-28037
TOTOLINK A810R V4.1.2cu.5182_B20201026 and A950RG V4.1.2cu.5161_B20200903 were found to contain a pre-auth remote command execution vulnerability in the setDiagnosisCfg function through the ipDomain parameter.
CVSS Score
9.8
EPSS Score
0.029
Published
2025-04-22
CVE-2025-28024
TOTOLINK A810R V4.1.2cu.5182_B20201026 was found to contain a buffer overflow vulnerability in the cstecgi.cgi
CVSS Score
9.8
EPSS Score
0.002
Published
2025-04-22
CVE-2025-28032
TOTOLINK A800R V4.1.2cu.5137_B20200730, A810R V4.1.2cu.5182_B20201026, A830R V4.1.2cu.5182_B20201102, A950RG V4.1.2cu.5161_B20200903, A3000RU V5.9c.5185_B20201128, and A3100R V4.1.2cu.5247_B20211129 contain a pre-auth buffer overflow vulnerability in the setNoticeCfg function through the IpForm parameter.
CVSS Score
7.3
EPSS Score
0.002
Published
2025-04-22
CVE-2025-28033
TOTOLINK A800R V4.1.2cu.5137_B20200730, A810R V4.1.2cu.5182_B20201026, A830R V4.1.2cu.5182_B20201102, A950RG V4.1.2cu.5161_B20200903, A3000RU V5.9c.5185_B20201128, and A3100R V4.1.2cu.5247_B20211129 were found to contain a pre-auth buffer overflow vulnerability in the setNoticeCfg function through the IpTo parameter.
CVSS Score
7.3
EPSS Score
0.001
Published
2025-04-22
CVE-2025-28034
TOTOLINK A800R V4.1.2cu.5137_B20200730, A810R V4.1.2cu.5182_B20201026, A830R V4.1.2cu.5182_B20201102, A950RG V4.1.2cu.5161_B20200903, A3000RU V5.9c.5185_B20201128, and A3100R V4.1.2cu.5247_B20211129 were found to contain a pre-auth remote command execution vulnerability in the NTPSyncWithHost function through the hostTime parameter.
CVSS Score
9.8
EPSS Score
0.032
Published
2025-04-22


Products
Pricing
Contact Us

Shodan ® - All rights reserved