Totolink Cp900l Firmware
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Totolink Cp900l Firmware.
By the Year
In 2026 there have been 0 vulnerabilities in Totolink Cp900l Firmware. Cp900l Firmware did not have any published security vulnerabilities last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 0 | 0.00 |
| 2025 | 0 | 0.00 |
| 2024 | 8 | 0.00 |
It may take a day or so for new Cp900l Firmware vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Totolink Cp900l Firmware Security Vulnerabilities
CVE-2024-35403: Stack Overflow in TOTOLINK CP900L v4.1.5 via desc
CVE-2024-35403
- May 28, 2024
TOTOLINK CP900L v4.1.5cu.798_B20221228 was discovered to contain a stack overflow via the desc parameter in the function setIpPortFilterRules
Command Injection via FileName in TOTOLINK CP900L v4.1.5cu firmware upload
CVE-2024-35401
- May 28, 2024
TOTOLINK CP900L v4.1.5cu.798_B20221228 was discovered to contain a command injection vulnerability via the FileName parameter in the UploadFirmwareFile function.
Stack Overflow in TOTOLINK CP900L v4.1.5cu.798 via desc param in SFPR
CVE-2024-35400
- May 28, 2024
TOTOLINK CP900L v4.1.5cu.798_B20221228 was discovered to contain a stack overflow via the desc parameter in the function SetPortForwardRules
Stack Overflow in loginAuth password on TOTOLINK CP900L v4.1.5cu.798_B20221228
CVE-2024-35399
- May 28, 2024
TOTOLINK CP900L v4.1.5cu.798_B20221228 was discovered to contain a stack overflow via the password parameter in the function loginAuth
TOTOLINK CP900L v4.1.5cu.798 stack overflow in setMacFilterRules
CVE-2024-35398
- May 28, 2024
TOTOLINK CP900L v4.1.5cu.798_B20221228 was discovered to contain a stack overflow via the desc parameter in the function setMacFilterRules.
CMD-INJ in TOTOLINK CP900L v4.1.5cu.798_B20221228 NTPSyncWithHost
CVE-2024-35397
- May 28, 2024
TOTOLINK CP900L v4.1.5cu.798_B20221228 weas discovered to contain a command injection vulnerability in the NTPSyncWithHost function via the hostTime parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request.
Hardcoded Password in product.ini of TOTOLINK CP900L v4.1.5 Enables Root Telnet
CVE-2024-35396
- May 24, 2024
TOTOLINK CP900L v4.1.5cu.798_B20221228 was discovered to contain a hardcoded password for telnet in /web_cste/cgi-bin/product.ini, which allows attackers to log in as root.
Use of Hard-coded Credentials
TOTOLINK CP900L Hardcoded Password in /etc/shadow.sample v4.1.5cu.798 root login
CVE-2024-35395
- May 24, 2024
TOTOLINK CP900L v4.1.5cu.798_B20221228 was discovered to contain a hardcoded password vulnerability in /etc/shadow.sample, which allows attackers to log in as root.
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Totolink Cp900l Firmware or by Totolink? Click the Watch button to subscribe.
