Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Ex1200t_firmware
(Totolink)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 33 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2025-06-10 | CVE-2025-5911 | A vulnerability was found in TOTOLINK EX1200T up to 4.1.2cu.5232_B20210713 and classified as critical. Affected by this issue is some unknown functionality of the file /boafrm/formDMZ of the component HTTP POST Request Handler. The manipulation leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. | Ex1200t_firmware | 8.8 | ||
| 2025-06-06 | CVE-2025-5792 | A vulnerability, which was classified as critical, has been found in TOTOLINK EX1200T 4.1.2cu.5232_B20210713. This issue affects some unknown processing of the file /boafrm/formWlanRedirect of the component HTTP POST Request Handler. The manipulation of the argument redirect-url leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | Ex1200t_firmware | 6.5 | ||
| 2025-06-06 | CVE-2025-5793 | A vulnerability, which was classified as critical, was found in TOTOLINK EX1200T 4.1.2cu.5232_B20210713. Affected is an unknown function of the file /boafrm/formPortFw of the component HTTP POST Request Handler. The manipulation of the argument service_type leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | Ex1200t_firmware | 6.5 | ||
| 2025-06-04 | CVE-2025-5600 | A vulnerability, which was classified as critical, has been found in TOTOLINK EX1200T 4.1.2cu.5232_B20210713. This issue affects the function setLanguageCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument LangType leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | Ex1200t_firmware | N/A | ||
| 2025-04-22 | CVE-2025-28039 | TOTOLINK EX1200T V4.1.2cu.5232_B20210713 was found to contain a pre-auth remote command execution vulnerability in the setUpgradeFW function through the FileName parameter. | Ex1200t_firmware | N/A | ||
| 2025-04-22 | CVE-2025-28038 | TOTOLINK EX1200T V4.1.2cu.5232_B20210713 was found to contain a pre-auth remote command execution vulnerability in the setWebWlanIdx function through the webWlanIdx parameter. | Ex1200t_firmware | N/A | ||
| 2022-03-30 | CVE-2022-25008 | totolink EX300_v2 V4.0.3c.140_B20210429 and EX1200T V4.1.2cu.5230_B20210706 does not contain an authentication mechanism. | Ex1200t_firmware, Ex300_v2_firmware | 8.8 | ||
| 2022-06-02 | CVE-2021-42872 | TOTOLINK EX1200T V4.1.2cu.5215 is affected by a command injection vulnerability that can remotely execute arbitrary code. | Ex1200t_firmware | 9.8 | ||
| 2022-06-02 | CVE-2021-42875 | TOTOLINK EX1200T V4.1.2cu.5215 contains a remote command injection vulnerability in the function setDiagnosisCfg of the file lib/cste_modules/system.so to control the ipDoamin. | Ex1200t_firmware | 9.8 | ||
| 2022-06-02 | CVE-2021-42877 | TOTOLINK EX1200T V4.1.2cu.5215 contains a denial of service vulnerability in function RebootSystem of the file lib/cste_modules/system which can reboot the system. | Ex1200t_firmware | 7.5 |