Totolink

X2000r Firmware

45 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8

CVE-2025-57579

Exploit
  • EPSS 0.33%
  • Veröffentlicht 12.09.2025 00:00:00
  • Zuletzt bearbeitet 02.10.2025 20:04:07

An issue in TOTOLINK Wi-Fi 6 Router Series Device X2000R-Gh-V2.0.0 allows a remote attacker to execute arbitrary code via the default password

7

CVE-2025-9577

Exploit
  • EPSS 0.02%
  • Veröffentlicht 28.08.2025 18:32:07
  • Zuletzt bearbeitet 09.09.2025 19:13:43

A security flaw has been discovered in TOTOLINK X2000R up to 2.0.0. The affected element is an unknown function of the file /etc/shadow.sample of the component Administrative Interface. The manipulation results in use of default credentials. Attackin...

7.2

CVE-2025-8181

Exploit
  • EPSS 0.18%
  • Veröffentlicht 26.07.2025 07:15:26
  • Zuletzt bearbeitet 09.10.2025 19:40:44

A vulnerability, which was classified as critical, was found in TOTOLINK N600R and X2000R 1.0.0.1. This affects an unknown part of the file vsftpd.conf of the component FTP Service. The manipulation leads to least privilege violation. It is possible ...

4.8

CVE-2025-5543

Exploit
  • EPSS 0.12%
  • Veröffentlicht 03.06.2025 22:31:06
  • Zuletzt bearbeitet 06.06.2025 18:47:47

A vulnerability was found in TOTOLINK X2000R 1.0.0-B20230726.1108. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component Parent Controls Page. The manipulation of the argument Device Name lea...

4.8

CVE-2025-5542

Exploit
  • EPSS 0.1%
  • Veröffentlicht 03.06.2025 22:00:20
  • Zuletzt bearbeitet 06.06.2025 18:47:37

A vulnerability was found in TOTOLINK X2000R 1.0.0-B20230726.1108. It has been classified as problematic. Affected is an unknown function of the file /boafrm/formPortFw of the component Virtual Server Page. The manipulation of the argument service_ty...

4.8

CVE-2025-5516

Exploit
  • EPSS 0.1%
  • Veröffentlicht 03.06.2025 18:00:18
  • Zuletzt bearbeitet 06.06.2025 17:42:29

A vulnerability, which was classified as problematic, was found in TOTOLINK X2000R 1.0.0-B20230726.1108. This affects an unknown part of the file /boafrm/formFilter of the component URL Filtering Page. The manipulation of the argument URL Address lea...

6.3

CVE-2025-5515

Exploit
  • EPSS 4.39%
  • Veröffentlicht 03.06.2025 17:31:08
  • Zuletzt bearbeitet 17.06.2025 20:40:51

A vulnerability, which was classified as critical, has been found in TOTOLINK X2000R 1.0.0-B20230726.1108. Affected by this issue is some unknown functionality of the file /boafrm/formMapDel. The manipulation of the argument devicemac1 leads to comma...

6.3

CVE-2025-5504

Exploit
  • EPSS 4.39%
  • Veröffentlicht 03.06.2025 14:31:10
  • Zuletzt bearbeitet 17.06.2025 20:40:28

A vulnerability has been found in TOTOLINK X2000R 1.0.0-B20230726.1108 and classified as critical. This vulnerability affects unknown code of the file /boafrm/formWsc. The manipulation of the argument peerRptPin leads to command injection. The attack...

4.8

CVE-2024-33433

Exploit
  • EPSS 0.43%
  • Veröffentlicht 14.05.2024 15:37:38
  • Zuletzt bearbeitet 09.04.2025 14:20:01

Cross Site Scripting vulnerability in TOTOLINK X2000R before v1.0.0-B20231213.1013 allows a remote attacker to execute arbitrary code via the Guest Access Control parameter in the Wireless Page.

5.9

CVE-2024-28402

Exploit
  • EPSS 0.11%
  • Veröffentlicht 11.04.2024 01:25:09
  • Zuletzt bearbeitet 08.04.2025 15:13:20

TOTOLINK X2000R before V1.0.0-B20231213.1013 contains a Stored Cross-site scripting (XSS) vulnerability in IP/Port Filtering under the Firewall Page.