Totolink Ex1800T Firmware vulnerabilities

28 known vulnerabilities affecting totolink/ex1800t_firmware.

Total CVEs
28
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
CRITICAL20HIGH4MEDIUM4

Vulnerabilities

Page 2 of 2
CVE-2023-51020CRITICALCVSS 9.8v9.1.0cu.2112_b202203162023-12-22
CVE-2023-51020 [CRITICAL] CVE-2023-51020: TOTOlink EX1800T v9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command execution i TOTOlink EX1800T v9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command execution in the ‘langType’ parameter of the setLanguageCfg interface of the cstecgi .cgi.
nvd
CVE-2023-51018CRITICALCVSS 9.8v9.1.0cu.2112_b202203162023-12-22
CVE-2023-51018 [CRITICAL] CWE-94 CVE-2023-51018: TOTOlink EX1800T v9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command execution i TOTOlink EX1800T v9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command execution in the ‘opmode’ parameter of the setWiFiApConfig interface of the cstecgi .cgi.
nvd
CVE-2023-51026CRITICALCVSS 9.8v9.1.0cu.2112_b202203162023-12-22
CVE-2023-51026 [CRITICAL] CWE-94 CVE-2023-51026: TOTOlink EX1800T V9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command execution i TOTOlink EX1800T V9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command execution in the ‘hour’ parameter of the setRebootScheCfg interface of the cstecgi .cgi.
nvd
CVE-2023-51027CRITICALCVSS 9.8v9.1.0cu.2112_b202203162023-12-22
CVE-2023-51027 [CRITICAL] CVE-2023-51027: TOTOlink EX1800T V9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command execution i TOTOlink EX1800T V9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command execution in the ‘apcliAuthMode’ parameter of the setWiFiExtenderConfig interface of the cstecgi .cgi.
nvd
CVE-2023-51013CRITICALCVSS 9.8v9.1.0cu.2112_b202203162023-12-22
CVE-2023-51013 [CRITICAL] CVE-2023-51013: TOTOlink EX1800T v9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command execution i TOTOlink EX1800T v9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command execution in the lanNetmask parameter’ of the setLanConfig interface of the cstecgi .cgi.
nvd
CVE-2023-51023CRITICALCVSS 9.8v9.1.0cu.2112_b202203162023-12-22
CVE-2023-51023 [CRITICAL] CVE-2023-51023: TOTOlink EX1800T v9.1.0cu.2112_B20220316 is vulnerable to arbitrary command execution in the ‘host_t TOTOlink EX1800T v9.1.0cu.2112_B20220316 is vulnerable to arbitrary command execution in the ‘host_time’ parameter of the NTPSyncWithHost interface of the cstecgi .cgi.
nvd
CVE-2023-51025CRITICALCVSS 9.8v9.1.0cu.2112_b202203162023-12-22
CVE-2023-51025 [CRITICAL] CWE-77 CVE-2023-51025: TOTOlink EX1800T V9.1.0cu.2112_B20220316 is vulnerable to an unauthorized arbitrary command executio TOTOlink EX1800T V9.1.0cu.2112_B20220316 is vulnerable to an unauthorized arbitrary command execution in the ‘admuser’ parameter of the setPasswordCfg interface of the cstecgi .cgi.
nvd
CVE-2023-51014CRITICALCVSS 9.8v9.1.0cu.2112_b202203162023-12-22
CVE-2023-51014 [CRITICAL] CWE-77 CVE-2023-51014: TOTOLINK EX1800T V9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command execution i TOTOLINK EX1800T V9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command execution in the lanSecDns parameter’ of the setLanConfig interface of the cstecgi .cgi
nvd
← Previous2 / 2