Totolink: >> X2000r Firmware >> 2.0.0-b20230727.10434 Security Vulnerabilities
TOTOLINK X2000R_V2 V2.0.0-B20230727.10434 has a command injection vulnerability in the sub_449040 (handle function of formUploadFile) of /bin/boa.
CVSS Score
9.8
EPSS Score
0.026
Published
2024-01-25
A vulnerability classified as critical was found in Totolink X2000R_V2 2.0.0-B20230727.10434. This vulnerability affects the function formTmultiAP of the file /bin/boa. The manipulation leads to buffer overflow. VDB-249742 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
CVSS Score
8.0
EPSS Score
0.005
Published
2024-01-07