Note:
This project will be discontinued after December 13, 2021. [more]
Product:
X2000r_firmware
(Totolink)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 39 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2023-10-25 | CVE-2023-46560 | TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formTcpipSetup. | X2000r_firmware | 9.8 | ||
| 2023-10-25 | CVE-2023-46562 | TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formDosCfg. | X2000r_firmware | 9.8 | ||
| 2023-10-25 | CVE-2023-46563 | TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formIpQoS. | X2000r_firmware | 9.8 | ||
| 2023-10-25 | CVE-2023-46564 | TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formDMZ. | X2000r_firmware | 9.8 | ||
| 2023-12-30 | CVE-2023-51133 | TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formRoute. | X2000r_firmware | 9.8 | ||
| 2023-12-30 | CVE-2023-51135 | TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formPasswordSetup. | X2000r_firmware | 9.8 | ||
| 2023-12-30 | CVE-2023-51136 | TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formRebootSchedule. | X2000r_firmware | 9.8 | ||
| 2024-01-07 | CVE-2023-7208 | A vulnerability classified as critical was found in Totolink X2000R_V2 2.0.0-B20230727.10434. This vulnerability affects the function formTmultiAP of the file /bin/boa. The manipulation leads to buffer overflow. VDB-249742 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | X2000r_firmware | 9.8 | ||
| 2024-01-09 | CVE-2023-7222 | A vulnerability was found in Totolink X2000R 1.0.0-B20221212.1452. It has been declared as critical. This vulnerability affects the function formTmultiAP of the file /bin/boa of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-249856. NOTE: The vendor was contacted early about this... | X2000r_firmware | 9.8 |