Totolink

Cp450 Firmware

19 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.8

CVE-2024-7465

Exploit
  • EPSS 0.24%
  • Published 05.08.2024 02:16:03
  • Last modified 15.08.2024 13:11:59

A vulnerability, which was classified as critical, was found in TOTOLINK CP450 4.1.0cu.747_B20191224. Affected is the function loginauth of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument http_host leads to buffer overflow. It is poss...

9.8

CVE-2024-7332

Exploit
  • EPSS 91.85%
  • Published 01.08.2024 01:15:09
  • Last modified 09.08.2024 13:55:52

A vulnerability was found in TOTOLINK CP450 4.1.0cu.747_B20191224. It has been classified as critical. This affects an unknown part of the file /web_cste/cgi-bin/product.ini of the component Telnet Service. The manipulation leads to use of hard-coded...

8.6

CVE-2024-34219

Exploit
  • EPSS 0.37%
  • Published 14.05.2024 15:38:35
  • Last modified 04.04.2025 14:47:06

TOTOLINK CP450 V4.1.0cu.747_B20191224 was discovered to contain a vulnerability in the SetTelnetCfg function, which allows attackers to log in through telnet.

3.8

CVE-2024-34218

Exploit
  • EPSS 0.59%
  • Published 14.05.2024 15:38:35
  • Last modified 04.04.2025 14:47:14

TOTOLINK outdoor CPE CP450 v4.1.0cu.747_B20191224 was discovered to contain a command injection vulnerability in the NTPSyncWithHost function via the hostTime parameter.

7.7

CVE-2024-34217

Exploit
  • EPSS 0.45%
  • Published 14.05.2024 15:38:35
  • Last modified 09.04.2025 14:15:10

TOTOLINK CP450 v4.1.0cu.747_B20191224 was discovered to contain a stack buffer overflow vulnerability in the addWlProfileClientMode function.

7.3

CVE-2024-34215

Exploit
  • EPSS 0.41%
  • Published 14.05.2024 15:38:35
  • Last modified 09.04.2025 14:15:16

TOTOLINK CP450 v4.1.0cu.747_B20191224 was discovered to contain a stack buffer overflow vulnerability in the setUrlFilterRules function.

9.8

CVE-2024-34213

Exploit
  • EPSS 0.46%
  • Published 14.05.2024 15:38:35
  • Last modified 09.04.2025 14:15:23

TOTOLINK CP450 v4.1.0cu.747_B20191224 was discovered to contain a stack buffer overflow vulnerability in the SetPortForwardRules function.

7.3

CVE-2024-34212

Exploit
  • EPSS 0.41%
  • Published 14.05.2024 15:38:35
  • Last modified 09.04.2025 14:15:33

TOTOLINK CP450 v4.1.0cu.747_B20191224 was discovered to contain a stack buffer overflow vulnerability in the CloudACMunualUpdate function.

7.3

CVE-2024-34210

Exploit
  • EPSS 6.21%
  • Published 14.05.2024 15:38:34
  • Last modified 09.04.2025 14:15:42

TOTOLINK outdoor CPE CP450 v4.1.0cu.747_B20191224 was discovered to contain a command injection vulnerability in the CloudACMunualUpdate function via the FileName parameter.

8.8

CVE-2024-34211

Exploit
  • EPSS 0.23%
  • Published 14.05.2024 15:38:34
  • Last modified 09.04.2025 14:15:38

TOTOLINK CP450 v4.1.0cu.747_B20191224 was discovered to contain a hardcoded password vulnerability in /etc/shadow.sample, which allows attackers to log in as root.