Totolink X5000R vulnerabilities
3 known vulnerabilities affecting totolink/x5000r.
Total CVEs
3
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2025-14586MEDIUMCVSS 5.3v9.1.0cu.2089_B202112242025-12-13
CVE-2025-14586 [MEDIUM] CWE-77 CVE-2025-14586: A vulnerability was determined in TOTOLINK X5000R 9.1.0cu.2089_B20211224. Affected by this issue is
A vulnerability was determined in TOTOLINK X5000R 9.1.0cu.2089_B20211224. Affected by this issue is the function snprintf of the file /cgi-bin/cstecgi.cgi?action=exportOvpn&type=user. This manipulation of the argument User causes os command injection. Remote exploitation of the attack is possible. The exploit has been publicly disclosed and may be uti
cvelistv5nvd
CVE-2025-9934MEDIUMCVSS 5.3v9.1.0cu.2415_B202505152025-09-04
CVE-2025-9934 [MEDIUM] CWE-74 CVE-2025-9934: A vulnerability was found in TOTOLINK X5000R 9.1.0cu.2415_B20250515. This affects the function sub_4
A vulnerability was found in TOTOLINK X5000R 9.1.0cu.2415_B20250515. This affects the function sub_410C34 of the file /cgi-bin/cstecgi.cgi. Performing manipulation of the argument pid results in command injection. Remote exploitation of the attack is possible. The exploit has been made public and could be used.
cvelistv5nvd
CVE-2023-6612CRITICALCVSS 9.8v9.1.0cu.2300_B202301122023-12-08
CVE-2023-6612 [MEDIUM] CWE-78 CVE-2023-6612: A vulnerability was found in Totolink X5000R 9.1.0cu.2300_B20230112. It has been rated as critical.
A vulnerability was found in Totolink X5000R 9.1.0cu.2300_B20230112. It has been rated as critical. This issue affects the function setDdnsCfg/setDynamicRoute/setFirewallType/setIPSecCfg/setIpPortFilterRules/setLancfg/setLoginPasswordCfg/setMacFilterRules/setMtknatCfg/setNetworkConfig/setPortForwardRules/setRemoteCfg/setSSServer/setScheduleCfg/setSmartQ
cvelistv5nvd