Filtered by vendor Totolink Subscriptions
Filtered by product Cp450 Subscriptions
Total 21 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2026-15271 1 Totolink 8 A3000ru, A3100r, A950rg and 5 more 2026-07-10 7.5 High
A security vulnerability has been detected in TOTOLINK A3000RU, A3100R, A950RG, AC1200T10, CP450, CS185R_T10 and EX200 up to 20260906. Affected by this issue is some unknown functionality of the file /etc/boa/boa.conf of the component Web Interface. The manipulation leads to least privilege violation. The attack may be initiated remotely. The attack's complexity is rated as high. The exploitation is known to be difficult.
CVE-2026-11554 1 Totolink 2 Cp450, Cp450 Firmware 2026-06-08 4.3 Medium
A vulnerability was determined in TOTOLINK CP450 4.1.0cu.747. This vulnerability affects unknown code of the file /etc/vsftpd.conf of the component vsftpd. This manipulation causes least privilege violation. The attack may be initiated remotely. The exploit has been publicly disclosed and may be utilized.
CVE-2024-34204 1 Totolink 2 Cp450, Cp450 Firmware 2025-04-09 9.8 Critical
TOTOLINK outdoor CPE CP450 v4.1.0cu.747_B20191224 was discovered to contain a command injection vulnerability in the setUpgradeFW function via the FileName parameter.
CVE-2024-34205 1 Totolink 2 Cp450, Cp450 Firmware 2025-04-09 7.3 High
TOTOLINK CP450 v4.1.0cu.747_B20191224 was discovered to contain a command injection vulnerability in the download_firmware function.
CVE-2024-34206 1 Totolink 2 Cp450, Cp450 Firmware 2025-04-09 6.5 Medium
TOTOLINK outdoor CPE CP450 v4.1.0cu.747_B20191224 was discovered to contain a command injection vulnerability in the setWebWlanIdx function via the webWlanIdx parameter.
CVE-2024-34207 1 Totolink 2 Cp450, Cp450 Firmware 2025-04-09 8.8 High
TOTOLINK CP450 v4.1.0cu.747_B20191224 was discovered to contain a stack buffer overflow vulnerability in the setStaticDhcpConfig function.
CVE-2024-34209 1 Totolink 2 Cp450, Cp450 Firmware 2025-04-09 9.8 Critical
TOTOLINK CP450 v4.1.0cu.747_B20191224 was discovered to contain a stack buffer overflow vulnerability in the setIpPortFilterRules function.
CVE-2024-34210 1 Totolink 3 Cp450, Cp450 Firmware, Outdoor Cpe Cp450 2025-04-09 7.3 High
TOTOLINK outdoor CPE CP450 v4.1.0cu.747_B20191224 was discovered to contain a command injection vulnerability in the CloudACMunualUpdate function via the FileName parameter.
CVE-2024-34211 1 Totolink 2 Cp450, Cp450 Firmware 2025-04-09 8.8 High
TOTOLINK CP450 v4.1.0cu.747_B20191224 was discovered to contain a hardcoded password vulnerability in /etc/shadow.sample, which allows attackers to log in as root.
CVE-2024-34212 1 Totolink 2 Cp450, Cp450 Firmware 2025-04-09 7.3 High
TOTOLINK CP450 v4.1.0cu.747_B20191224 was discovered to contain a stack buffer overflow vulnerability in the CloudACMunualUpdate function.
CVE-2024-34213 1 Totolink 2 Cp450, Cp450 Firmware 2025-04-09 9.8 Critical
TOTOLINK CP450 v4.1.0cu.747_B20191224 was discovered to contain a stack buffer overflow vulnerability in the SetPortForwardRules function.
CVE-2024-34215 1 Totolink 2 Cp450, Cp450 Firmware 2025-04-09 7.3 High
TOTOLINK CP450 v4.1.0cu.747_B20191224 was discovered to contain a stack buffer overflow vulnerability in the setUrlFilterRules function.
CVE-2024-34217 1 Totolink 2 Cp450, Cp450 Firmware 2025-04-09 7.7 High
TOTOLINK CP450 v4.1.0cu.747_B20191224 was discovered to contain a stack buffer overflow vulnerability in the addWlProfileClientMode function.
CVE-2024-34218 1 Totolink 2 Cp450, Cp450 Firmware 2025-04-04 3.8 Low
TOTOLINK outdoor CPE CP450 v4.1.0cu.747_B20191224 was discovered to contain a command injection vulnerability in the NTPSyncWithHost function via the hostTime parameter.
CVE-2024-34219 1 Totolink 2 Cp450, Cp450 Firmware 2025-04-04 8.6 High
TOTOLINK CP450 V4.1.0cu.747_B20191224 was discovered to contain a vulnerability in the SetTelnetCfg function, which allows attackers to log in through telnet.
CVE-2024-34200 1 Totolink 2 Cp450, Cp450 Firmware 2025-04-03 8.8 High
TOTOLINK CPE CP450 v4.1.0cu.747_B20191224 was discovered to contain a stack buffer overflow vulnerability in the setIpQosRules function.
CVE-2024-34201 1 Totolink 2 Cp450, Cp450 Firmware 2025-04-03 7.3 High
TOTOLINK CP450 v4.1.0cu.747_B20191224 was discovered to contain a stack buffer overflow vulnerability in the getSaveConfig function.
CVE-2024-34202 1 Totolink 2 Cp450, Cp450 Firmware 2025-04-03 6.5 Medium
TOTOLINK CP450 v4.1.0cu.747_B20191224 was discovered to contain a stack buffer overflow vulnerability in the setMacFilterRules function.
CVE-2024-34203 1 Totolink 2 Cp450, Cp450 Firmware 2025-04-03 3.8 Low
TOTOLINK CP450 v4.1.0cu.747_B20191224 was discovered to contain a stack buffer overflow vulnerability in the setLanguageCfg function.
CVE-2024-7465 1 Totolink 2 Cp450, Cp450 Firmware 2024-08-15 8.8 High
A vulnerability, which was classified as critical, was found in TOTOLINK CP450 4.1.0cu.747_B20191224. Affected is the function loginauth of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument http_host leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-273558 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.