All 9 CVE vulnerabilities found in X6000R, with AI-generated Chinese analysis, references, and POCs.
Vendor: Totolink
| CVE ID | Title | CVSS | Severity | Paused |
|---|---|---|---|---|
| CVE-2026-4611 | TOTOLINK X6000R shttpd setLanCfg privilege escalation CWE-78 | 7.2 | High | 2026-03-23 |
| CVE-2026-1723 | TOTOLINK X6000R Unauthenticated Command Injection Vulnerability CWE-78 | 9.8AI | CriticalAI | 2026-01-30 |
| CVE-2025-11005 | TOTOLINK X6000R Unauthenticated Command Injection Vulnerability CWE-78 | 9.8AI | CriticalAI | 2025-09-25 |
| CVE-2025-52907 | TOTOLINK X6000R Security Bypass Vulnerability CWE-20 | 9.8AI | CriticalAI | 2025-09-24 |
| CVE-2025-52906 | TOTOLINK X6000R Command Injection Vulnerability CWE-78 | 9.8AI | CriticalAI | 2025-09-24 |
| CVE-2025-52905 | TOTOLINK X6000R Argument Injection Vulnerability CWE-20 | 7.5AI | HighAI | 2025-09-23 |
| CVE-2024-7907 | TOTOLINK X6000R cstecgi.cgi setSyslogCfg command injection CWE-77 | 6.3 | Medium | 2024-08-18 |
| CVE-2024-2353 | Totolink X6000R shttpd cstecgi.cgi setDiagnosisCfg os command injection CWE-78 | 8.8 | High | 2024-03-10 |
| CVE-2024-1661 | Totolink X6000R shadow hard-coded credentials CWE-798 | 2.5 | Low | 2024-02-20 |
All 9 known CVE vulnerabilities affecting X6000R with full Chinese analysis, references, and POCs where available.