x2000r_firmware

0

SINGLE_NUMBER 1 CVE

1.0.0-b20230221.0948.web

OTHER 17 CVEs

1.0.0-b20231213.1013

OTHER 2 CVEs

1.0.0-b20230221.0948

OTHER 7 CVEs

2.0.0-b20230727.10434

OTHER 1 CVE

CVE-2024-33433

Cross Site Scripting vulnerability in TOTOLINK X2000R before v1.0.0-B20231213.1013 allows a remote attacker to execute arbitrary code via the Guest Access Control parameter in the Wireless Page.

MEDIUM

CVE-2024-28402

TOTOLINK X2000R before V1.0.0-B20231213.1013 contains a Stored Cross-site scripting (XSS) vulnerability in IP/Port Filtering under the Firewall Page.

MEDIUM Mar 21, 2024

CVE-2024-28404

TOTOLINK X2000R before V1.0.0-B20231213.1013 contains a Stored Cross-site scripting (XSS) vulnerability in MAC Filtering under the Firewall Page.

UNKNOWN Mar 15, 2024

CVE-2023-7208

A vulnerability classified as critical was found in Totolink X2000R_V2 2.0.0-B20230727.10434. This vulnerability affects the function formTmultiAP of the file /bin/boa. The manipulation leads to buffer overflow. VDB-249742 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

HIGH Jan 07, 2024

CVE-2023-46548

TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formWlanRedirect.

UNKNOWN Oct 25, 2023

CVE-2023-46562

TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formDosCfg.

UNKNOWN Oct 25, 2023

CVE-2023-46558

TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formMapDelDevice.

UNKNOWN Oct 25, 2023

CVE-2023-46541

TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formIpv6Setup.

UNKNOWN Oct 25, 2023