CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 2CVE-2023-2790 – TOTOLINK N200RE Telnet Service custom.conf password in configuration file
https://notcve.org/view.php?id=CVE-2023-2790
A vulnerability classified as problematic has been found in TOTOLINK N200RE 9.3.5u.6255_B20211224. Affected is an unknown function of the file /squashfs-root/etc_ro/custom.conf of the component Telnet Service. The manipulation leads to password in configuration file. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. • https://drive.google.com/file/d/1RITXRvKele5aW42YFk0JeQHCq2B63lUj/view?usp=share_link https://vuldb.com/?ctiid.229374 https://vuldb.com/?id.229374 • CWE-260: Password in Configuration File •
CVSS: 9.8EPSS: 3%CPEs: 2EXPL: 1CVE-2022-48113
https://notcve.org/view.php?id=CVE-2022-48113
A vulnerability in TOTOLINK N200RE_v5 firmware V9.3.5u.6139 allows unauthenticated attackers to access the telnet service via a crafted POST request. Attackers are also able to leverage this vulnerability to login as root via hardcoded credentials. • https://wefir.blogspot.com/2022/12/totolink-n200rev5-telnet-backdoor.html • CWE-798: Use of Hard-coded Credentials •
CVSS: 6.1EPSS: 0%CPEs: 4EXPL: 0CVE-2020-23617
https://notcve.org/view.php?id=CVE-2020-23617
A cross site scripting (XSS) vulnerability in the error page of Totolink N200RE and N100RE Routers 2.0 allows attackers to execute arbitrary web scripts or HTML via SCRIPT element. Una vulnerabilidad de tipo cross site scripting (XSS) en la página de error de los routers Totolink N200RE y N100RE versión 2.0, permite a atacantes ejecutar scripts web o HTML arbitrarios por medio del elemento SCRIPT • http://totolink.net https://gist.github.com/fuzzKitty/8ca2587213874e94e5c0aedf346c18b1 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.0EPSS: 0%CPEs: 26EXPL: 1CVE-2020-25499
https://notcve.org/view.php?id=CVE-2020-25499
TOTOLINK A3002RU-V2.0.0 B20190814.1034 allows authenticated remote users to modify the system's 'Run Command'. An attacker can use this functionality to execute arbitrary OS commands on the router. TOTOLINK A3002RU-V2.0.0 versión B20190814.1034, permite a usuarios remotos autenticados modificar el "Run Command" del sistema. Un atacante puede usar esta funcionalidad para ejecutar comandos arbitrarios del sistema operativo en el enrutador • https://github.com/kdoos/Vulnerabilities/blob/main/RCE_TOTOLINK-A3002RU-V2 https://www.totolink.net/home/index/newsss/id/196.html • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') CWE-862: Missing Authorization •
CVSS: 9.0EPSS: 91%CPEs: 16EXPL: 4CVE-2019-19824 – Realtek SDK Information Disclosure / Code Execution
https://notcve.org/view.php?id=CVE-2019-19824
On certain TOTOLINK Realtek SDK based routers, an authenticated attacker may execute arbitrary OS commands via the sysCmd parameter to the boafrm/formSysCmd URI, even if the GUI (syscmd.htm) is not available. This allows for full control over the device's internals. This affects A3002RU through 2.0.0, A702R through 2.1.3, N301RT through 2.1.6, N302R through 3.4.0, N300RT through 3.4.0, N200RE through 4.0.0, N150RT through 3.4.0, and N100RE through 3.4.0. En determinados enrutadores basados ??en TOTOLINK Realtek SDK, un atacante autenticado puede ejecutar comandos arbitrarios de Sistema Operativo por medio del parámetro sysCmd en el URI boafrm/formSysCmd, inclusive si la GUI (syscmd.htm) no está disponible. • http://packetstormsecurity.com/files/156083/Realtek-SDK-Information-Disclosure-Code-Execution.html http://seclists.org/fulldisclosure/2020/Jan/36 http://seclists.org/fulldisclosure/2020/Jan/38 https://sploit.tech https://github.com/yckuo-sdc/totolink-boa-api-vulnerabilities • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •