X5000r_firmware - Vulncode-DB

Note:

This project will be discontinued after December 13, 2021. [more]

Product:
X5000r_firmware
(Totolink)

Repositories	Unknown: This might be proprietary software.
#Vulnerabilities	49

Date	Id	Summary	Products	Score	Patch	Annotated
2024-03-16	CVE-2024-28640	Buffer Overflow vulnerability in TOTOLink X5000R V9.1.0u.6118-B20201102 and A7000R V9.1.0u.6115-B20201022 allows a remote attacker to cause a denial of service (D0S) via the command field.	A7000r_firmware, X5000r_firmware	N/A
2025-01-15	CVE-2024-57021	TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain an OS command injection vulnerability via the "eHour" parameter in setWiFiScheduleCfg.	X5000r_firmware	8.8
2025-01-15	CVE-2024-57022	TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain an OS command injection vulnerability via the "sHour" parameter in setWiFiScheduleCfg.	X5000r_firmware	8.8
2025-01-15	CVE-2024-57019	TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain an OS command injection vulnerability via the "limit" parameter in setVpnAccountCfg.	X5000r_firmware	8.8
2025-01-15	CVE-2024-57014	TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain an OS command injection vulnerability via the "recHour" parameter in setScheduleCfg.	X5000r_firmware	8.8
2025-01-15	CVE-2024-57015	TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain an OS command injection vulnerability via the "hour" parameter in setScheduleCfg.	X5000r_firmware	8.8
2025-01-15	CVE-2024-57020	TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain an OS command injection vulnerability via the "sMinute" parameter in setWiFiScheduleCfg.	X5000r_firmware	8.8
2025-01-15	CVE-2024-57011	TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain an OS command injection vulnerability via the "minute" parameters in setScheduleCfg.	X5000r_firmware	8.8
2025-01-15	CVE-2024-57012	TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain an OS command injection vulnerability via the "week" parameter in setScheduleCfg.	X5000r_firmware	8.8
2025-01-15	CVE-2024-57013	TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain an OS command injection vulnerability via the "switch" parameter in setScheduleCfg.	X5000r_firmware	8.8