Totolink N100re Firmware — known CVE vulnerabilities
Every CVE whose affected-product data names Totolink N100re Firmware, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (5)
CVE-2019-19825 — CVSS 9.8 (critical): On certain TOTOLINK Realtek SDK based routers, the CAPTCHA text can be retrieved via an {"topicurl":"setting/getSanvas"} POST to the…
CVE-2019-19824 — CVSS 8.8 (high): On certain TOTOLINK Realtek SDK based routers, an authenticated attacker may execute arbitrary OS commands via the sysCmd parameter to the…
CVE-2019-19822 — CVSS 7.5 (high): A certain router administration interface (that includes Realtek APMIB 0.11f for Boa 0.94.14rc21) allows remote attackers to retrieve the…
CVE-2019-19823 — CVSS 7.5 (high): A certain router administration interface (that includes Realtek APMIB 0.11f for Boa 0.94.14rc21) stores cleartext administrative passwords…
CVE-2020-23617 — CVSS 6.1 (medium): A cross site scripting (XSS) vulnerability in the error page of Totolink N200RE and N100RE Routers 2.0 allows attackers to execute…