Skip to main content

Ex300 V2 Firmware

2 CVEs product

Monthly

CVE-2022-32449 CRITICAL POC THREAT Act Now

TOTOLINK EX300_V2 V4.0.3c.7484 was discovered to contain a command injection vulnerability via the langType parameter in the setLanguageCfg function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Ex300 V2 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
18.4%
CVE-2022-25008 HIGH POC This Week

totolink EX300_v2 V4.0.3c.140_B20210429 and EX1200T V4.1.2cu.5230_B20210706 does not contain an authentication mechanism. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Ex300 V2 Firmware Ex1200t Firmware
NVD GitHub
CVSS 3.1
8.8
EPSS
4.3%
EPSS 18% CVSS 9.8
CRITICAL POC THREAT Act Now

TOTOLINK EX300_V2 V4.0.3c.7484 was discovered to contain a command injection vulnerability via the langType parameter in the setLanguageCfg function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Ex300 V2 Firmware
NVD GitHub
EPSS 4% CVSS 8.8
HIGH POC This Week

totolink EX300_v2 V4.0.3c.140_B20210429 and EX1200T V4.1.2cu.5230_B20210706 does not contain an authentication mechanism. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Ex300 V2 Firmware Ex1200t Firmware
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy