Totolink

X2000r Firmware

45 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8

CVE-2025-57579

Exploit
  • EPSS 0.33%
  • Published 12.09.2025 00:00:00
  • Last modified 02.10.2025 20:04:07

An issue in TOTOLINK Wi-Fi 6 Router Series Device X2000R-Gh-V2.0.0 allows a remote attacker to execute arbitrary code via the default password

7

CVE-2025-9577

Exploit
  • EPSS 0.02%
  • Published 28.08.2025 18:32:07
  • Last modified 09.09.2025 19:13:43

A security flaw has been discovered in TOTOLINK X2000R up to 2.0.0. The affected element is an unknown function of the file /etc/shadow.sample of the component Administrative Interface. The manipulation results in use of default credentials. Attackin...

7.2

CVE-2025-8181

Exploit
  • EPSS 0.18%
  • Published 26.07.2025 07:15:26
  • Last modified 09.10.2025 19:40:44

A vulnerability, which was classified as critical, was found in TOTOLINK N600R and X2000R 1.0.0.1. This affects an unknown part of the file vsftpd.conf of the component FTP Service. The manipulation leads to least privilege violation. It is possible ...

4.8

CVE-2025-5543

Exploit
  • EPSS 0.12%
  • Published 03.06.2025 22:31:06
  • Last modified 06.06.2025 18:47:47

A vulnerability was found in TOTOLINK X2000R 1.0.0-B20230726.1108. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component Parent Controls Page. The manipulation of the argument Device Name lea...

4.8

CVE-2025-5542

Exploit
  • EPSS 0.1%
  • Published 03.06.2025 22:00:20
  • Last modified 06.06.2025 18:47:37

A vulnerability was found in TOTOLINK X2000R 1.0.0-B20230726.1108. It has been classified as problematic. Affected is an unknown function of the file /boafrm/formPortFw of the component Virtual Server Page. The manipulation of the argument service_ty...

4.8

CVE-2025-5516

Exploit
  • EPSS 0.1%
  • Published 03.06.2025 18:00:18
  • Last modified 06.06.2025 17:42:29

A vulnerability, which was classified as problematic, was found in TOTOLINK X2000R 1.0.0-B20230726.1108. This affects an unknown part of the file /boafrm/formFilter of the component URL Filtering Page. The manipulation of the argument URL Address lea...

6.3

CVE-2025-5515

Exploit
  • EPSS 4.39%
  • Published 03.06.2025 17:31:08
  • Last modified 17.06.2025 20:40:51

A vulnerability, which was classified as critical, has been found in TOTOLINK X2000R 1.0.0-B20230726.1108. Affected by this issue is some unknown functionality of the file /boafrm/formMapDel. The manipulation of the argument devicemac1 leads to comma...

6.3

CVE-2025-5504

Exploit
  • EPSS 4.39%
  • Published 03.06.2025 14:31:10
  • Last modified 17.06.2025 20:40:28

A vulnerability has been found in TOTOLINK X2000R 1.0.0-B20230726.1108 and classified as critical. This vulnerability affects unknown code of the file /boafrm/formWsc. The manipulation of the argument peerRptPin leads to command injection. The attack...

4.8

CVE-2024-33433

Exploit
  • EPSS 0.43%
  • Published 14.05.2024 15:37:38
  • Last modified 09.04.2025 14:20:01

Cross Site Scripting vulnerability in TOTOLINK X2000R before v1.0.0-B20231213.1013 allows a remote attacker to execute arbitrary code via the Guest Access Control parameter in the Wireless Page.

5.9

CVE-2024-28402

Exploit
  • EPSS 0.11%
  • Published 11.04.2024 01:25:09
  • Last modified 08.04.2025 15:13:20

TOTOLINK X2000R before V1.0.0-B20231213.1013 contains a Stored Cross-site scripting (XSS) vulnerability in IP/Port Filtering under the Firewall Page.