Ex200
This hub aggregates every CVE we track for Ex200, a product in the networking infrastructure space. Use it to gauge the current risk picture and drill into individual advisories.
15
CVEs tracked
2
Critical
8
High
0
In CISA KEV
Severity distribution
HIGH8MEDIUM4CRITICAL2LOW1
Monthly trend
0
2
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
1
0
0
0
1
2024-072026-06
Latest CVEs
The 15 most recently published vulnerabilities affecting Ex200.
- CVE-2026-11620TOTOLINK EX200 vsftpd vsftpd.conf least privilege violation5.3
- CVE-2025-65606Уязвимость функции загрузки прошивки микропрограммного обеспечения роутеров TOTOLINK EX200, позволяющая нарушителю получить полный контроль над устройством7.2
- CVE-2024-7336TOTOLINK EX200 cstecgi.cgi loginauth buffer overflow8.8
- CVE-2024-7335TOTOLINK EX200 getSaveConfig buffer overflow8.8
- CVE-2024-32325TOTOLINK EX200 V4.0.3c.7646_B20201211 contains a Cross-site scripting (XSS) vulnerability through the ssid parameter in the setWiFiExtenderConfig function.2.4
- CVE-2024-32326TOTOLINK EX200 V4.0.3c.7646_B20201211 contains a Cross-site scripting (XSS) vulnerability through the key parameter in the setWiFiExtenderConfig function.6.8
- CVE-2024-31815In TOTOLINK EX200 V4.0.3c.7314_B20191204, an attacker can obtain the configuration file without authorization through /cgi-bin/ExportSettings.sh9.1
- CVE-2024-31812In TOTOLINK EX200 V4.0.3c.7646_B20201211, an attacker can obtain sensitive information without authorization through the function getWiFiExtenderConfig.6.5
- CVE-2024-31811TOTOLINK EX200 V4.0.3c.7646_B20201211 was discovered to contain a remote code execution (RCE) vulnerability via the langType parameter in the setLanguageCfg function.8.0
- CVE-2024-31805TOTOLINK EX200 V4.0.3c.7646_B20201211 allows attackers to start the Telnet service without authorization via the telnet_enabled parameter in the setTelnetCfg function.6.5
- CVE-2024-31814TOTOLINK EX200 V4.0.3c.7646_B20201211 allows attackers to bypass login through the Form_Login function.8.8
- CVE-2024-31807TOTOLINK EX200 V4.0.3c.7646_B20201211 was discovered to contain a remote code execution (RCE) vulnerability via the hostTime parameter in the NTPSyncWithHost function.9.8
- CVE-2024-31808TOTOLINK EX200 V4.0.3c.7646_B20201211 was discovered to contain a remote code execution (RCE) vulnerability via the webWlanIdx parameter in the setWebWlanIdx function.8.8
- CVE-2024-31809TOTOLINK EX200 V4.0.3c.7646_B20201211 was discovered to contain a remote code execution (RCE) vulnerability via the FileName parameter in the setUpgradeFW function.8.8
- CVE-2024-31817In TOTOLINK EX200 V4.0.3c.7646_B20201211, an attacker can obtain sensitive information without authorization through the function getSysStatusCfg.7.5
Product normalization is registry-driven with AI assist and human review. How it works