Totolink Cp300+ Firmware — known CVE vulnerabilities
Every CVE whose affected-product data names Totolink Cp300+ Firmware, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (6)
CVE-2023-31856 — CVSS 9.8 (critical): A command injection vulnerability in the hostTime parameter in the function NTPSyncWithHostof TOTOLINK CP300+ V5.2cu.7594_B20200910 allows…
CVE-2023-36952 — CVSS 9.8 (critical): TOTOLINK CP300+ V5.2cu.7594_B20200910 was discovered to contain a stack overflow via the pingIp parameter in the function setDiagnosisCfg.
CVE-2023-36955 — CVSS 9.8 (critical): TOTOLINK CP300+ <=V5.2cu.7594_B20200910 was discovered to contain a stack overflow via the File parameter in the function…
CVE-2023-34669 — CVSS 7.5 (high): TOTOLINK CP300+ V5.2cu.7594 contains a Denial of Service vulnerability in function RebootSystem of the file lib/cste_modules/system which…