Totolink: >> X2000r Firmware >> 1.0.0-b20230221.0948.web Security Vulnerabilities
Cross Site Scripting vulnerability in TOTOLINK X2000R before v1.0.0-B20231213.1013 allows a remote attacker to execute arbitrary code via the Guest Access Control parameter in the Wireless Page.
CVSS Score
4.8
EPSS Score
0.0
Published
2024-05-14
TOTOLINK X2000R before V1.0.0-B20231213.1013 contains a Stored Cross-site scripting (XSS) vulnerability in IP/Port Filtering under the Firewall Page.
CVSS Score
5.9
EPSS Score
0.001
Published
2024-04-11
There is a Cross-site scripting (XSS) vulnerability in the Wireless settings under the Easy Setup Page of TOTOLINK X2000R before v1.0.0-B20231213.1013.
CVSS Score
5.4
EPSS Score
0.001
Published
2024-03-20
TOTOLINK X2000R before v1.0.0-B20231213.1013 contains a Store Cross-site scripting (XSS) vulnerability in Root Access Control under the Wireless Page.
CVSS Score
5.4
EPSS Score
0.001
Published
2024-03-15
TOTOLINK X2000R before V1.0.0-B20231213.1013 contains a Stored Cross-site scripting (XSS) vulnerability in MAC Filtering under the Firewall Page.
CVSS Score
8.0
EPSS Score
0.0
Published
2024-03-15
TOTOLINK X2000R before V1.0.0-B20231213.1013 is vulnerable to Cross Site Scripting (XSS) via the VPN Page.
CVSS Score
5.4
EPSS Score
0.001
Published
2024-03-15
TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formRoute.
CVSS Score
9.8
EPSS Score
0.003
Published
2023-12-30
TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formPasswordSetup.
CVSS Score
9.8
EPSS Score
0.003
Published
2023-12-30
TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formRebootSchedule.
CVSS Score
9.8
EPSS Score
0.003
Published
2023-12-30