Totolink

X2000r Firmware

44 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8

CVE-2025-57579

Exploit
  • EPSS 0.33%
  • Published 12.09.2025 00:00:00
  • Last modified 02.10.2025 20:04:07

An issue in TOTOLINK Wi-Fi 6 Router Series Device X2000R-Gh-V2.0.0 allows a remote attacker to execute arbitrary code via the default password

7

CVE-2025-9577

Exploit
  • EPSS 0.02%
  • Published 28.08.2025 18:32:07
  • Last modified 09.09.2025 19:13:43

A security flaw has been discovered in TOTOLINK X2000R up to 2.0.0. The affected element is an unknown function of the file /etc/shadow.sample of the component Administrative Interface. The manipulation results in use of default credentials. Attackin...

4.8

CVE-2025-5543

Exploit
  • EPSS 0.12%
  • Published 03.06.2025 22:31:06
  • Last modified 06.06.2025 18:47:47

A vulnerability was found in TOTOLINK X2000R 1.0.0-B20230726.1108. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component Parent Controls Page. The manipulation of the argument Device Name lea...

4.8

CVE-2025-5542

Exploit
  • EPSS 0.1%
  • Published 03.06.2025 22:00:20
  • Last modified 06.06.2025 18:47:37

A vulnerability was found in TOTOLINK X2000R 1.0.0-B20230726.1108. It has been classified as problematic. Affected is an unknown function of the file /boafrm/formPortFw of the component Virtual Server Page. The manipulation of the argument service_ty...

4.8

CVE-2025-5516

Exploit
  • EPSS 0.1%
  • Published 03.06.2025 18:00:18
  • Last modified 06.06.2025 17:42:29

A vulnerability, which was classified as problematic, was found in TOTOLINK X2000R 1.0.0-B20230726.1108. This affects an unknown part of the file /boafrm/formFilter of the component URL Filtering Page. The manipulation of the argument URL Address lea...

6.3

CVE-2025-5515

Exploit
  • EPSS 4.39%
  • Published 03.06.2025 17:31:08
  • Last modified 17.06.2025 20:40:51

A vulnerability, which was classified as critical, has been found in TOTOLINK X2000R 1.0.0-B20230726.1108. Affected by this issue is some unknown functionality of the file /boafrm/formMapDel. The manipulation of the argument devicemac1 leads to comma...

6.3

CVE-2025-5504

Exploit
  • EPSS 4.39%
  • Published 03.06.2025 14:31:10
  • Last modified 17.06.2025 20:40:28

A vulnerability has been found in TOTOLINK X2000R 1.0.0-B20230726.1108 and classified as critical. This vulnerability affects unknown code of the file /boafrm/formWsc. The manipulation of the argument peerRptPin leads to command injection. The attack...

4.8

CVE-2024-33433

Exploit
  • EPSS 0.43%
  • Published 14.05.2024 15:37:38
  • Last modified 09.04.2025 14:20:01

Cross Site Scripting vulnerability in TOTOLINK X2000R before v1.0.0-B20231213.1013 allows a remote attacker to execute arbitrary code via the Guest Access Control parameter in the Wireless Page.

5.9

CVE-2024-28402

Exploit
  • EPSS 0.11%
  • Published 11.04.2024 01:25:09
  • Last modified 08.04.2025 15:13:20

TOTOLINK X2000R before V1.0.0-B20231213.1013 contains a Stored Cross-site scripting (XSS) vulnerability in IP/Port Filtering under the Firewall Page.

5.4

CVE-2024-29419

Exploit
  • EPSS 0.1%
  • Published 20.03.2024 15:15:07
  • Last modified 27.03.2025 21:15:47

There is a Cross-site scripting (XSS) vulnerability in the Wireless settings under the Easy Setup Page of TOTOLINK X2000R before v1.0.0-B20231213.1013.