Totolink

X6000r

8 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.3

CVE-2025-11005

  • EPSS 1.71%
  • Published 25.09.2025 21:15:31
  • Last modified 26.09.2025 14:32:19

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in TOTOLINK X6000R allows OS Command Injection.This issue affects X6000R: through V9.4.0cu.1458_B20250708.

7.3

CVE-2025-52907

  • EPSS 1.86%
  • Published 24.09.2025 18:15:38
  • Last modified 26.09.2025 14:32:53

Improper Input Validation vulnerability in TOTOLINK X6000R allows Command Injection, File Manipulation.This issue affects X6000R: through V9.4.0cu.1360_B20241207.

9.3

CVE-2025-52906

  • EPSS 3.02%
  • Published 24.09.2025 18:15:37
  • Last modified 26.09.2025 14:32:53

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in TOTOLINK X6000R allows OS Command Injection.This issue affects X6000R: through V9.4.0cu.1360_B20241207.

7.5

CVE-2025-52905

  • EPSS 0.16%
  • Published 23.09.2025 18:15:33
  • Last modified 08.10.2025 18:06:28

Improper Input Validation vulnerability in TOTOLINK X6000R allows Flooding.This issue affects X6000R: through V9.4.0cu.1360_B20241207.

9.8

CVE-2025-52053

Exploit
  • EPSS 53.02%
  • Published 15.09.2025 15:15:54
  • Last modified 20.09.2025 02:49:46

TOTOLINK X6000R V9.4.0cu.1360_B20241207 was found to contain a command injection vulnerability in the sub_417D74 function via the file_name parameter. This vulnerability allows unauthenticated attackers to execute arbitrary commands via a crafted req...

6.5

CVE-2025-52284

Exploit
  • EPSS 46.97%
  • Published 29.07.2025 00:00:00
  • Last modified 15.09.2025 15:15:54

Totolink X6000R V9.4.0cu.1360_B20241207 was found to contain a command injection vulnerability in the sub_4184C0 function via the tz parameter. This vulnerability allows unauthenticated attackers to execute arbitrary commands via a crafted request.

5.1

CVE-2025-25524

  • EPSS 0.05%
  • Published 11.02.2025 19:15:19
  • Last modified 29.04.2025 16:22:26

Buffer overflow vulnerability in TOTOLink X6000R routers V9.4.0cu.652_B20230116 due to the lack of length verification, which is related to the addition of Wi-Fi filtering rules. Attackers who successfully exploit this vulnerability can cause the rem...

9.8

CVE-2024-1781

Exploit
  • EPSS 4.28%
  • Published 23.02.2024 01:15:52
  • Last modified 01.04.2025 15:35:54

A vulnerability was found in Totolink X6000R AX3000 9.4.0cu.852_20230719. It has been rated as critical. This issue affects the function setWizardCfg of the file /cgi-bin/cstecgi.cgi of the component shttpd. The manipulation leads to command injectio...