All 8 CVE vulnerabilities found in X2000R, with AI-generated Chinese analysis, references, and POCs.
Vendor: Totolink
| CVE ID | Title | CVSS | Severity | Paused |
|---|---|---|---|---|
| CVE-2025-9577 | TOTOLINK X2000R Administrative shadow.sample default credentials CWE-1392 | 2.5 | Low | 2025-08-28 |
| CVE-2025-5543 | TOTOLINK X2000R Parent Controls Page cross site scripting CWE-79 | 2.4 | Low | 2025-06-03 |
| CVE-2025-5542 | TOTOLINK X2000R Virtual Server Page formPortFw cross site scripting CWE-79 | 2.4 | Low | 2025-06-03 |
| CVE-2025-5516 | TOTOLINK X2000R URL Filtering Page formFilter cross site scripting CWE-79 | 2.4 | Low | 2025-06-03 |
| CVE-2025-5515 | TOTOLINK X2000R formMapDel command injection CWE-77 | 6.3 | Medium | 2025-06-03 |
| CVE-2025-5504 | TOTOLINK X2000R formWsc command injection CWE-77 | 6.3 | Medium | 2025-06-03 |
| CVE-2024-0579 | Totolink X2000R formMapDelDevice command injection CWE-77 | 6.3 | Medium | 2024-01-16 |
| CVE-2023-7222 | Totolink X2000R HTTP POST Request boa formTmultiAP buffer overflow CWE-120 | 7.2 | High | 2024-01-09 |
All 8 known CVE vulnerabilities affecting X2000R with full Chinese analysis, references, and POCs where available.