VYPR

EX1200T

by Totolink

CVEs (49)

  • CVE-2021-42889HigJun 3, 2022
    risk 0.49cvss 7.5epss 0.01

    In TOTOLINK EX1200T V4.1.2cu.5215, an attacker can obtain sensitive information (wifikey, wifiname, etc.) without authorization.

  • CVE-2021-42886HigJun 3, 2022
    risk 0.49cvss 7.5epss 0.02

    TOTOLINK EX1200T V4.1.2cu.5215 contains an information disclosure vulnerability where an attacker can get the apmib configuration file without authorization, and usernames and passwords can be found in the decoded file.

  • CVE-2021-42877HigJun 2, 2022
    risk 0.49cvss 7.5epss 0.02

    TOTOLINK EX1200T V4.1.2cu.5215 contains a denial of service vulnerability in function RebootSystem of the file lib/cste_modules/system which can reboot the system.

  • CVE-2023-4412MedAug 18, 2023
    risk 0.41cvss 6.3epss 0.03

    A vulnerability was found in TOTOLINK EX1200L EN_V9.3.5u.6146_B20201023 and classified as critical. This issue affects the function setWanCfg. The manipulation leads to os command injection. The attack may be initiated remotely. The exploit has been disclosed to the public and…

  • CVE-2023-4411MedAug 18, 2023
    risk 0.41cvss 6.3epss 0.05

    A vulnerability has been found in TOTOLINK EX1200L EN_V9.3.5u.6146_B20201023 and classified as critical. This vulnerability affects the function setTracerouteCfg. The manipulation leads to os command injection. The attack can be initiated remotely. The exploit has been disclosed…

  • CVE-2023-4410MedAug 18, 2023
    risk 0.41cvss 6.3epss 0.03

    A vulnerability, which was classified as critical, was found in TOTOLINK EX1200L EN_V9.3.5u.6146_B20201023. This affects the function setDiagnosisCfg. The manipulation leads to os command injection. It is possible to initiate the attack remotely. The exploit has been disclosed…

  • CVE-2021-42892MedJun 3, 2022
    risk 0.28cvss 4.3epss 0.01

    In TOTOLINK EX1200T V4.1.2cu.5215, an attacker can start telnet without authorization because the default username and password exists in the firmware.

  • CVE-2026-44089Jun 23, 2026
    risk 0.00cvss epss 0.00

    Totolink EX1200L router is vulnerable to Buffer Overflow in the login functionality in cgi-bin/cstecgi.cgi endpoint. This vulnerability could be exploited to cause the program to crash and to execute code remotely. This allows the attacker to perform actions as root including…

  • CVE-2025-51451Aug 13, 2025
    risk 0.00cvss epss 0.00

    In TOTOLINK EX1200T firmware 4.1.2cu.5215, an attacker can bypass login by sending a specific request through formLoginAuth.htm.

Page 3 of 3