Totolink

X2000r

10 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7

CVE-2025-9577

Exploit
  • EPSS 0.02%
  • Published 28.08.2025 18:32:07
  • Last modified 09.09.2025 19:13:43

A security flaw has been discovered in TOTOLINK X2000R up to 2.0.0. The affected element is an unknown function of the file /etc/shadow.sample of the component Administrative Interface. The manipulation results in use of default credentials. Attackin...

7.2

CVE-2025-8181

  • EPSS 0.18%
  • Published 26.07.2025 07:15:26
  • Last modified 29.07.2025 14:14:55

A vulnerability, which was classified as critical, was found in TOTOLINK N600R and X2000R 1.0.0.1. This affects an unknown part of the file vsftpd.conf of the component FTP Service. The manipulation leads to least privilege violation. It is possible ...

4.8

CVE-2025-5543

Exploit
  • EPSS 0.12%
  • Published 03.06.2025 22:31:06
  • Last modified 06.06.2025 18:47:47

A vulnerability was found in TOTOLINK X2000R 1.0.0-B20230726.1108. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component Parent Controls Page. The manipulation of the argument Device Name lea...

4.8

CVE-2025-5542

Exploit
  • EPSS 0.1%
  • Published 03.06.2025 22:00:20
  • Last modified 06.06.2025 18:47:37

A vulnerability was found in TOTOLINK X2000R 1.0.0-B20230726.1108. It has been classified as problematic. Affected is an unknown function of the file /boafrm/formPortFw of the component Virtual Server Page. The manipulation of the argument service_ty...

4.8

CVE-2025-5516

Exploit
  • EPSS 0.1%
  • Published 03.06.2025 18:00:18
  • Last modified 06.06.2025 17:42:29

A vulnerability, which was classified as problematic, was found in TOTOLINK X2000R 1.0.0-B20230726.1108. This affects an unknown part of the file /boafrm/formFilter of the component URL Filtering Page. The manipulation of the argument URL Address lea...

6.3

CVE-2025-5515

Exploit
  • EPSS 4.39%
  • Published 03.06.2025 17:31:08
  • Last modified 17.06.2025 20:40:51

A vulnerability, which was classified as critical, has been found in TOTOLINK X2000R 1.0.0-B20230726.1108. Affected by this issue is some unknown functionality of the file /boafrm/formMapDel. The manipulation of the argument devicemac1 leads to comma...

6.3

CVE-2025-5504

Exploit
  • EPSS 4.39%
  • Published 03.06.2025 14:31:10
  • Last modified 17.06.2025 20:40:28

A vulnerability has been found in TOTOLINK X2000R 1.0.0-B20230726.1108 and classified as critical. This vulnerability affects unknown code of the file /boafrm/formWsc. The manipulation of the argument peerRptPin leads to command injection. The attack...

5.4

CVE-2024-29419

Exploit
  • EPSS 0.1%
  • Published 20.03.2024 15:15:07
  • Last modified 27.03.2025 21:15:47

There is a Cross-site scripting (XSS) vulnerability in the Wireless settings under the Easy Setup Page of TOTOLINK X2000R before v1.0.0-B20231213.1013.

5.4

CVE-2024-28401

Exploit
  • EPSS 0.1%
  • Published 15.03.2024 17:15:08
  • Last modified 28.03.2025 19:15:21

TOTOLINK X2000R before v1.0.0-B20231213.1013 contains a Store Cross-site scripting (XSS) vulnerability in Root Access Control under the Wireless Page.

5.4

CVE-2024-28403

Exploit
  • EPSS 0.1%
  • Published 15.03.2024 16:15:08
  • Last modified 27.03.2025 20:15:25

TOTOLINK X2000R before V1.0.0-B20231213.1013 is vulnerable to Cross Site Scripting (XSS) via the VPN Page.