Ex200 firmware
This hub aggregates every CVE we track for Ex200 firmware, a product in the networking infrastructure space. Use it to gauge the current risk picture and drill into individual advisories.
19
CVEs tracked
4
Critical
9
High
0
In CISA KEV
Severity distribution
HIGH9MEDIUM5CRITICAL4LOW1
Monthly trend
0
2
0
0
1
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
2024-072026-06
Latest CVEs
The 15 most recently published vulnerabilities affecting Ex200 firmware.
- CVE-2024-53333TOTOLINK EX200 v4.0.3c.7646_B20201211 was found to contain a command insertion vulnerability in the setUssd function. This vulnerability allows an attacker to execute arbitrary commands via the "us...6.3
- CVE-2024-7336TOTOLINK EX200 cstecgi.cgi loginauth buffer overflow8.8
- CVE-2024-7335TOTOLINK EX200 getSaveConfig buffer overflow8.8
- CVE-2024-31810TOTOLINK EX200 V4.0.3c.7646_B20201211 was discovered to contain a hardcoded password for root at /etc/shadow.sample.9.8
- CVE-2024-32325TOTOLINK EX200 V4.0.3c.7646_B20201211 contains a Cross-site scripting (XSS) vulnerability through the ssid parameter in the setWiFiExtenderConfig function.2.4
- CVE-2024-32326TOTOLINK EX200 V4.0.3c.7646_B20201211 contains a Cross-site scripting (XSS) vulnerability through the key parameter in the setWiFiExtenderConfig function.6.8
- CVE-2024-31815In TOTOLINK EX200 V4.0.3c.7314_B20191204, an attacker can obtain the configuration file without authorization through /cgi-bin/ExportSettings.sh9.1
- CVE-2024-31812In TOTOLINK EX200 V4.0.3c.7646_B20201211, an attacker can obtain sensitive information without authorization through the function getWiFiExtenderConfig.6.5
- CVE-2024-31811TOTOLINK EX200 V4.0.3c.7646_B20201211 was discovered to contain a remote code execution (RCE) vulnerability via the langType parameter in the setLanguageCfg function.8.0
- CVE-2024-31805TOTOLINK EX200 V4.0.3c.7646_B20201211 allows attackers to start the Telnet service without authorization via the telnet_enabled parameter in the setTelnetCfg function.6.5
- CVE-2024-31814TOTOLINK EX200 V4.0.3c.7646_B20201211 allows attackers to bypass login through the Form_Login function.8.8
- CVE-2024-31807TOTOLINK EX200 V4.0.3c.7646_B20201211 was discovered to contain a remote code execution (RCE) vulnerability via the hostTime parameter in the NTPSyncWithHost function.9.8
- CVE-2024-31813TOTOLINK EX200 V4.0.3c.7646_B20201211 does not contain an authentication mechanism by default.8.4
- CVE-2024-31808TOTOLINK EX200 V4.0.3c.7646_B20201211 was discovered to contain a remote code execution (RCE) vulnerability via the webWlanIdx parameter in the setWebWlanIdx function.8.8
- CVE-2024-31806TOTOLINK EX200 V4.0.3c.7646_B20201211 was discovered to contain a Denial-of-Service (DoS) vulnerability in the RebootSystem function which can reboot the system without authorization.6.5
Product normalization is registry-driven with AI assist and human review. How it works