Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Ex1200t_firmware
(Totolink)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 15 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2022-03-30 | CVE-2022-25008 | totolink EX300_v2 V4.0.3c.140_B20210429 and EX1200T V4.1.2cu.5230_B20210706 does not contain an authentication mechanism. | Ex1200t_firmware, Ex300_v2_firmware | 8.8 | ||
| 2022-06-02 | CVE-2021-42872 | TOTOLINK EX1200T V4.1.2cu.5215 is affected by a command injection vulnerability that can remotely execute arbitrary code. | Ex1200t_firmware | 9.8 | ||
| 2022-06-02 | CVE-2021-42875 | TOTOLINK EX1200T V4.1.2cu.5215 contains a remote command injection vulnerability in the function setDiagnosisCfg of the file lib/cste_modules/system.so to control the ipDoamin. | Ex1200t_firmware | 9.8 | ||
| 2022-06-02 | CVE-2021-42877 | TOTOLINK EX1200T V4.1.2cu.5215 contains a denial of service vulnerability in function RebootSystem of the file lib/cste_modules/system which can reboot the system. | Ex1200t_firmware | 7.5 | ||
| 2022-06-03 | CVE-2021-42884 | TOTOLINK EX1200T V4.1.2cu.5215 contains a remote command injection vulnerability in function setDeviceName of the file global.so which can control thedeviceName to attack. | Ex1200t_firmware | 9.8 | ||
| 2022-06-03 | CVE-2021-42885 | TOTOLINK EX1200T V4.1.2cu.5215 contains a remote command injection vulnerability in function setDeviceMac of the file global.so which can control deviceName to attack. | Ex1200t_firmware | 9.8 | ||
| 2022-06-03 | CVE-2021-42886 | TOTOLINK EX1200T V4.1.2cu.5215 contains an information disclosure vulnerability where an attacker can get the apmib configuration file without authorization, and usernames and passwords can be found in the decoded file. | Ex1200t_firmware | 7.5 | ||
| 2022-06-03 | CVE-2021-42887 | In TOTOLINK EX1200T V4.1.2cu.5215, an attacker can bypass login by sending a specific request through formLoginAuth.htm. | Ex1200t_firmware | 9.8 | ||
| 2022-06-03 | CVE-2021-42888 | TOTOLINK EX1200T V4.1.2cu.5215 contains a remote command injection vulnerability in function setLanguageCfg of the file global.so which can control langType to attack. | Ex1200t_firmware | 9.8 | ||
| 2022-06-03 | CVE-2021-42889 | In TOTOLINK EX1200T V4.1.2cu.5215, an attacker can obtain sensitive information (wifikey, wifiname, etc.) without authorization. | Ex1200t_firmware | 7.5 |