Filtered by vendor Totolink Subscriptions
Filtered by product Ex1800t Firmware Subscriptions
Total 21 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2024-12352 1 Totolink 2 Ex1800t, Ex1800t Firmware 2024-12-11 4.3 Medium
A vulnerability classified as problematic was found in TOTOLINK EX1800T 9.1.0cu.2112_B20220316. This vulnerability affects the function sub_40662C of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument ssid leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
CVE-2023-51020 1 Totolink 2 Ex1800t, Ex1800t Firmware 2024-11-26 9.8 Critical
TOTOlink EX1800T v9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command execution in the ‘langType’ parameter of the setLanguageCfg interface of the cstecgi .cgi.
CVE-2024-34257 1 Totolink 1 Ex1800t Firmware 2024-11-21 9.8 Critical
TOTOLINK EX1800T V9.1.0cu.2112_B20220316 has a vulnerability in the apcliEncrypType parameter that allows unauthorized execution of arbitrary commands, allowing an attacker to obtain device administrator privileges.
CVE-2023-52026 1 Totolink 2 Ex1800t, Ex1800t Firmware 2024-11-21 9.8 Critical
TOTOlink EX1800T V9.1.0cu.2112_B20220316 was discovered to contain a remote command execution (RCE) vulnerability via the telnet_enabled parameter of the setTelnetCfg interface
CVE-2023-51028 1 Totolink 2 Ex1800t, Ex1800t Firmware 2024-11-21 9.8 Critical
TOTOLINK EX1800T 9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command execution in the apcliChannel parameter of the setWiFiExtenderConfig interface of the cstecgi.cgi.
CVE-2023-51027 1 Totolink 2 Ex1800t, Ex1800t Firmware 2024-11-21 9.8 Critical
TOTOlink EX1800T V9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command execution in the ‘apcliAuthMode’ parameter of the setWiFiExtenderConfig interface of the cstecgi .cgi.
CVE-2023-51026 1 Totolink 2 Ex1800t, Ex1800t Firmware 2024-11-21 9.8 Critical
TOTOlink EX1800T V9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command execution in the ‘hour’ parameter of the setRebootScheCfg interface of the cstecgi .cgi.
CVE-2023-51025 1 Totolink 2 Ex1800t, Ex1800t Firmware 2024-11-21 9.8 Critical
TOTOlink EX1800T V9.1.0cu.2112_B20220316 is vulnerable to an unauthorized arbitrary command execution in the ‘admuser’ parameter of the setPasswordCfg interface of the cstecgi .cgi.
CVE-2023-51024 1 Totolink 2 Ex1800t, Ex1800t Firmware 2024-11-21 9.8 Critical
TOTOlink EX1800T v9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command execution in the ‘tz’ parameter of the setNtpCfg interface of the cstecgi .cgi.
CVE-2023-51023 1 Totolink 2 Ex1800t, Ex1800t Firmware 2024-11-21 9.8 Critical
TOTOlink EX1800T v9.1.0cu.2112_B20220316 is vulnerable to arbitrary command execution in the ‘host_time’ parameter of the NTPSyncWithHost interface of the cstecgi .cgi.
CVE-2023-51022 1 Totolink 2 Ex1800t, Ex1800t Firmware 2024-11-21 9.8 Critical
TOTOlink EX1800T v9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command execution in the ‘langFlag’ parameter of the setLanguageCfg interface of the cstecgi .cgi.
CVE-2023-51021 1 Totolink 2 Ex1800t, Ex1800t Firmware 2024-11-21 9.8 Critical
TOTOlink EX1800T v9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command execution in the ‘merge’ parameter of the setRptWizardCfg interface of the cstecgi .cgi.
CVE-2023-51019 1 Totolink 2 Ex1800t, Ex1800t Firmware 2024-11-21 9.8 Critical
TOTOlink EX1800T v9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command execution in the ‘key5g’ parameter of the setWiFiExtenderConfig interface of the cstecgi .cgi.
CVE-2023-51018 1 Totolink 2 Ex1800t, Ex1800t Firmware 2024-11-21 9.8 Critical
TOTOlink EX1800T v9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command execution in the ‘opmode’ parameter of the setWiFiApConfig interface of the cstecgi .cgi.
CVE-2023-51017 1 Totolink 2 Ex1800t, Ex1800t Firmware 2024-11-21 9.8 Critical
TOTOlink EX1800T v9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command execution in the lanIp parameter’ of the setLanConfig interface of the cstecgi .cgi.
CVE-2023-51016 1 Totolink 2 Ex1800t, Ex1800t Firmware 2024-11-21 9.8 Critical
TOTOlink EX1800T v9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command execution in the setRebootScheCfg interface of the cstecgi .cgi.
CVE-2023-51015 1 Totolink 2 Ex1800t, Ex1800t Firmware 2024-11-21 9.8 Critical
TOTOLINX EX1800T v9.1.0cu.2112_B20220316 is vulnerable to arbitrary command execution in the ‘enable parameter’ of the setDmzCfg interface of the cstecgi .cgi
CVE-2023-51014 1 Totolink 2 Ex1800t, Ex1800t Firmware 2024-11-21 9.8 Critical
TOTOLINK EX1800T V9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command execution in the lanSecDns parameter’ of the setLanConfig interface of the cstecgi .cgi
CVE-2023-51013 1 Totolink 2 Ex1800t, Ex1800t Firmware 2024-11-21 9.8 Critical
TOTOlink EX1800T v9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command execution in the lanNetmask parameter’ of the setLanConfig interface of the cstecgi .cgi.
CVE-2023-51012 1 Totolink 2 Ex1800t, Ex1800t Firmware 2024-11-21 9.8 Critical
TOTOlink EX1800T v9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command execution in the lanGateway parameter’ of the setLanConfig interface of the cstecgi .cgi.