VYPR

X5000R

by Totolink

CVEs (70)

  • CVE-2024-57012Jan 15, 2025
    risk 0.00cvss epss 0.02

    TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain an OS command injection vulnerability via the "week" parameter in setScheduleCfg.

  • CVE-2024-57020Jan 15, 2025
    risk 0.00cvss epss 0.02

    TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain an OS command injection vulnerability via the "sMinute" parameter in setWiFiScheduleCfg.

  • CVE-2024-57021Jan 15, 2025
    risk 0.00cvss epss 0.02

    TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain an OS command injection vulnerability via the "eHour" parameter in setWiFiScheduleCfg.

  • CVE-2024-57019Jan 15, 2025
    risk 0.00cvss epss 0.02

    TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain an OS command injection vulnerability via the "limit" parameter in setVpnAccountCfg.

  • CVE-2024-57013Jan 15, 2025
    risk 0.00cvss epss 0.02

    TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain an OS command injection vulnerability via the "switch" parameter in setScheduleCfg.

  • CVE-2024-57018Jan 15, 2025
    risk 0.00cvss epss 0.02

    TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain an OS command injection vulnerability via the "desc" parameter in setVpnAccountCfg.

  • CVE-2024-57011Jan 15, 2025
    risk 0.00cvss epss 0.02

    TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain an OS command injection vulnerability via the "minute" parameters in setScheduleCfg.

  • CVE-2024-57025Jan 15, 2025
    risk 0.00cvss epss 0.01

    TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain an OS command injection vulnerability via the "desc" parameter in setWiFiScheduleCfg.

  • CVE-2024-57014Jan 15, 2025
    risk 0.00cvss epss 0.01

    TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain an OS command injection vulnerability via the "recHour" parameter in setScheduleCfg.

  • CVE-2024-57024Jan 15, 2025
    risk 0.00cvss epss 0.01

    TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain an OS command injection vulnerability via the "eMinute" parameter in setWiFiScheduleCfg.

  • CVE-2024-57022Jan 15, 2025
    risk 0.00cvss epss 0.02

    TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain an OS command injection vulnerability via the "sHour" parameter in setWiFiScheduleCfg.

  • CVE-2024-57017Jan 15, 2025
    risk 0.00cvss epss 0.02

    TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain an OS command injection vulnerability via the "pass" parameter in setVpnAccountCfg.

  • CVE-2024-42736Aug 13, 2024
    risk 0.00cvss epss 0.02

    In TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command injection vulnerability in addBlacklist. Authenticated Attackers can send malicious packet to execute arbitrary commands.

  • CVE-2024-42739Aug 13, 2024
    risk 0.00cvss epss 0.02

    In TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command injection vulnerability in setAccessDeviceCfg. Authenticated Attackers can send malicious packet to execute arbitrary commands.

  • CVE-2024-42738Aug 13, 2024
    risk 0.00cvss epss 0.02

    In TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command injection vulnerability in setDmzCfg. Authenticated Attackers can send malicious packet to execute arbitrary commands.

  • CVE-2024-42740Aug 13, 2024
    risk 0.00cvss epss 0.03

    In TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command injection vulnerability in setLedCfg. Authenticated Attackers can send malicious packet to execute arbitrary commands.

  • CVE-2024-42747Aug 12, 2024
    risk 0.00cvss epss 0.01

    In TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command injection vulnerability in setWanIeCfg. Authenticated Attackers can send malicious packet to execute arbitrary commands.

  • CVE-2024-42743Aug 12, 2024
    risk 0.00cvss epss 0.02

    In TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command injection vulnerability in setSyslogCfg . Authenticated Attackers can send malicious packet to execute arbitrary commands.

  • CVE-2024-42742Aug 12, 2024
    risk 0.00cvss epss 0.02

    In TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command injection vulnerability in setUrlFilterRules. Authenticated Attackers can send malicious packet to execute arbitrary commands.

  • CVE-2024-42741Aug 12, 2024
    risk 0.00cvss epss 0.01

    In TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command injection vulnerability in setL2tpServerCfg. Authenticated Attackers can send malicious packet to execute arbitrary commands.