Shodan
Vulnerabilities
Vulnerable Software
Totolink:  >> X6000r Firmware  >> 9.4.0cu.652_b20230116  Security Vulnerabilities
CVE-2025-25524
Buffer overflow vulnerability in TOTOLink X6000R routers V9.4.0cu.652_B20230116 due to the lack of length verification, which is related to the addition of Wi-Fi filtering rules. Attackers who successfully exploit this vulnerability can cause the remote target device to crash or execute arbitrary commands.
CVSS Score
5.1
EPSS Score
0.0
Published
2025-02-11
CVE-2023-43453
An issue in TOTOLINK X6000R V9.4.0cu.652_B20230116 and V9.4.0cu.852_B20230719 allows a remote attacker to execute arbitrary code via the IP parameter of the setDiagnosisCfg component.
CVSS Score
9.8
EPSS Score
0.039
Published
2023-12-01
CVE-2023-43454
An issue in TOTOLINK X6000R V9.4.0cu.652_B20230116 and V9.4.0cu.852_B20230719 allows a remote attacker to execute arbitrary code via the hostName parameter of the switchOpMode component.
CVSS Score
9.8
EPSS Score
0.039
Published
2023-12-01
CVE-2023-43455
An issue in TOTOLINK X6000R V9.4.0cu.652_B20230116 and V9.4.0cu.852_B20230719 allows a remote attacker to execute arbitrary code via the command parameter of the setting/setTracerouteCfg component.
CVSS Score
9.8
EPSS Score
0.039
Published
2023-12-01
CVE-2023-46408
TOTOLINK X6000R v9.4.0cu.652_B20230116 was discovered to contain a command execution vulnerability via the sub_ The 41DD80 function.
CVSS Score
9.8
EPSS Score
0.003
Published
2023-10-25
CVE-2023-46409
TOTOLINK X6000R v9.4.0cu.652_B20230116 was discovered to contain a command execution vulnerability via the sub_ 41CC04 function.
CVSS Score
9.8
EPSS Score
0.003
Published
2023-10-25
CVE-2023-46410
TOTOLINK X6000R v9.4.0cu.652_B20230116 was discovered to contain a command execution vulnerability via the sub_ The 416F60 function.
CVSS Score
9.8
EPSS Score
0.003
Published
2023-10-25
CVE-2023-46411
TOTOLINK X6000R v9.4.0cu.652_B20230116 was discovered to contain a command execution vulnerability via the sub_415258 function.
CVSS Score
9.8
EPSS Score
0.003
Published
2023-10-25
CVE-2023-46412
TOTOLINK X6000R v9.4.0cu.652_B20230116 was discovered to contain a command execution vulnerability via the sub_41D998 function.
CVSS Score
9.8
EPSS Score
0.003
Published
2023-10-25
CVE-2023-46413
TOTOLINK X6000R v9.4.0cu.652_B20230116 was discovered to contain a command execution vulnerability via the sub_4155DC function.
CVSS Score
9.8
EPSS Score
0.003
Published
2023-10-25


Products
Pricing
Contact Us

Shodan ® - All rights reserved