CVE-2026-15271
- EPSS -
- Veröffentlicht 09.07.2026 21:30:10
- Zuletzt bearbeitet 09.07.2026 22:17:02
A security vulnerability has been detected in TOTOLINK A3000RU, A3100R, A950RG, AC1200T10, CP450, CS185R_T10 and EX200 up to 20260906. Affected by this issue is some unknown functionality of the file /etc/boa/boa.conf of the component Web Interface. ...
CVE-2026-11620
- EPSS 0.29%
- Veröffentlicht 09.06.2026 02:45:10
- Zuletzt bearbeitet 09.06.2026 13:33:34
A security flaw has been discovered in TOTOLINK EX200 4.0.3c.7646. This affects an unknown function of the file /etc/vsftpd.conf of the component vsftpd. The manipulation results in least privilege violation. It is possible to launch the attack remot...
CVE-2024-31810
- EPSS 0.62%
- Veröffentlicht 14.05.2024 15:25:45
- Zuletzt bearbeitet 09.04.2025 14:20:06
TOTOLINK EX200 V4.0.3c.7646_B20201211 was discovered to contain a hardcoded password for root at /etc/shadow.sample.
CVE-2024-32325
- EPSS 0.49%
- Veröffentlicht 18.04.2024 17:15:48
- Zuletzt bearbeitet 13.05.2025 00:53:54
TOTOLINK EX200 V4.0.3c.7646_B20201211 contains a Cross-site scripting (XSS) vulnerability through the ssid parameter in the setWiFiExtenderConfig function.
CVE-2024-32326
- EPSS 0.58%
- Veröffentlicht 18.04.2024 17:15:48
- Zuletzt bearbeitet 07.04.2025 14:26:49
TOTOLINK EX200 V4.0.3c.7646_B20201211 contains a Cross-site scripting (XSS) vulnerability through the key parameter in the setWiFiExtenderConfig function.
CVE-2024-31817
- EPSS 55.34%
- Veröffentlicht 08.04.2024 13:15:09
- Zuletzt bearbeitet 24.03.2025 17:19:53
In TOTOLINK EX200 V4.0.3c.7646_B20201211, an attacker can obtain sensitive information without authorization through the function getSysStatusCfg.