A950rg Firmware

a950rg_firmware

Vendor: Totolink • 33 CVEs

CVEs (33)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2025-67189 1Totolink 1A950rg Firmware Feb 10, 2026 Feb 3, 2026 N/A· v4 6.5 MEDIUM· v3 N/A· v2 A buffer overflow vulnerability exists in the setParentalRules interface of TOTOLINK A950RG V4.1.2cu.5204_B20210112. The urlKeyword parameter is not properly validated, and the function concatenates multiple user-control...Show more A buffer overflow vulnerability exists in the setParentalRules interface of TOTOLINK A950RG V4.1.2cu.5204_B20210112. The urlKeyword parameter is not properly validated, and the function concatenates multiple user-controlled fields into a fixed-size stack buffer without performing boundary checks. A remote attacker can exploit this flaw to cause denial of service or potentially achieve arbitrary code execution.Show less
CVE-2025-67188 1Totolink 1A950rg Firmware Feb 10, 2026 Feb 3, 2026 N/A· v4 9.8 CRITICAL· v3 N/A· v2 A buffer overflow vulnerability exists in TOTOLINK A950RG V4.1.2cu.5204_B20210112. The issue resides in the setRadvdCfg interface of the /lib/cste_modules/ipv6.so module. The function fails to properly validate the lengt...Show more A buffer overflow vulnerability exists in TOTOLINK A950RG V4.1.2cu.5204_B20210112. The issue resides in the setRadvdCfg interface of the /lib/cste_modules/ipv6.so module. The function fails to properly validate the length of the user-controlled radvdinterfacename parameter, allowing remote attackers to trigger a stack buffer overflow.Show less
CVE-2025-67187 1Totolink 1A950rg Firmware Feb 10, 2026 Feb 3, 2026 N/A· v4 9.8 CRITICAL· v3 N/A· v2 A stack-based buffer overflow vulnerability was identified in TOTOLINK A950RG V4.1.2cu.5204_B20210112. The flaw exists in the setIpQosRules interface of /lib/cste_modules/firewall.so where the comment parameter is not pr...Show more A stack-based buffer overflow vulnerability was identified in TOTOLINK A950RG V4.1.2cu.5204_B20210112. The flaw exists in the setIpQosRules interface of /lib/cste_modules/firewall.so where the comment parameter is not properly validated for length.Show less
CVE-2025-67186 1Totolink 1A950rg Firmware Feb 10, 2026 Feb 3, 2026 N/A· v4 9.8 CRITICAL· v3 N/A· v2 TOTOLINK A950RG V4.1.2cu.5204_B20210112 contains a buffer overflow vulnerability in the setUrlFilterRules interface of /lib/cste_modules/firewall.so. The vulnerability occurs because the `url` parameter is not properly v...Show more TOTOLINK A950RG V4.1.2cu.5204_B20210112 contains a buffer overflow vulnerability in the setUrlFilterRules interface of /lib/cste_modules/firewall.so. The vulnerability occurs because the `url` parameter is not properly validated for length, allowing remote attackers to trigger a buffer overflow, potentially leading to arbitrary code execution or denial of service.Show less
CVE-2025-60702 1Totolink 1A950rg Firmware Nov 18, 2025 Nov 13, 2025 N/A· v4 6.5 MEDIUM· v3 N/A· v2 A command injection vulnerability exists in the TOTOLINK A950RG Router firmware V5.9c.4592_B20191022_ALL within the `system.so` binary. The `setDiagnosisCfg` function retrieves the `ipDoamin` parameter from user input vi...Show more A command injection vulnerability exists in the TOTOLINK A950RG Router firmware V5.9c.4592_B20191022_ALL within the `system.so` binary. The `setDiagnosisCfg` function retrieves the `ipDoamin` parameter from user input via `websGetVar` and concatenates it directly into a `ping` system command executed via `CsteSystem()` without any sanitization. An unauthenticated remote attacker can exploit this vulnerability to execute arbitrary commands on the device through specially crafted HTTP requests to the router's web interface.Show less
CVE-2025-60699 1Totolink 1A950rg Firmware Nov 18, 2025 Nov 13, 2025 N/A· v4 6.5 MEDIUM· v3 N/A· v2 A buffer overflow vulnerability exists in the TOTOLINK A950RG Router firmware V5.9c.4592_B20191022_ALL within the `global.so` binary. The `getSaveConfig` function retrieves the `http_host` parameter from user input via `...Show more A buffer overflow vulnerability exists in the TOTOLINK A950RG Router firmware V5.9c.4592_B20191022_ALL within the `global.so` binary. The `getSaveConfig` function retrieves the `http_host` parameter from user input via `websGetVar` and copies it into a fixed-size stack buffer (`v13`) using `strcpy()` without performing any length checks. An unauthenticated remote attacker can exploit this vulnerability by sending a specially crafted HTTP request to the router's web interface, potentially leading to arbitrary code execution.Show less
CVE-2025-44655 1Totolink 3A7100ru Firmware A950rg FirmwareT10 Firmware Aug 7, 2025 Jul 21, 2025 N/A· v4 9.8 CRITICAL· v3 N/A· v2 In TOTOLink A7100RU V7.4, A950RG V5.9, and T10 V5.9, the chroot_local_user option is enabled in the vsftpd.conf. This could lead to unauthorized access to system files, privilege escalation, or use of the compromised ser...Show more In TOTOLink A7100RU V7.4, A950RG V5.9, and T10 V5.9, the chroot_local_user option is enabled in the vsftpd.conf. This could lead to unauthorized access to system files, privilege escalation, or use of the compromised server as a pivot point for internal network attacks.Show less
CVE-2025-4496 1Totolink 7A3000ru Firmware A3100r FirmwareA800r Firmware+4 more Jul 29, 2025 May 10, 2025 8.7 HIGH· v4 9.8 CRITICAL· v3 9.0 HIGH· v2 A vulnerability was found in TOTOLINK T10, A3100R, A950RG, A800R, N600R, A3000RU and A810R 4.1.8cu.5241_B20210927. It has been declared as critical. This vulnerability affects the function CloudACMunualUpdate of the file...Show more A vulnerability was found in TOTOLINK T10, A3100R, A950RG, A800R, N600R, A3000RU and A810R 4.1.8cu.5241_B20210927. It has been declared as critical. This vulnerability affects the function CloudACMunualUpdate of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument FileName leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.Show less
CVE-2025-45798 1Totolink 1A950rg Firmware May 19, 2025 May 8, 2025 N/A· v4 9.8 CRITICAL· v3 N/A· v2 A command execution vulnerability exists in the TOTOLINK A950RG V4.1.2cu.5204_B20210112. The vulnerability is located in the setNoticeCfg interface within the /lib/cste_modules/system.so library, specifically in the proc...Show more A command execution vulnerability exists in the TOTOLINK A950RG V4.1.2cu.5204_B20210112. The vulnerability is located in the setNoticeCfg interface within the /lib/cste_modules/system.so library, specifically in the processing of the IpTo parameter.Show less
CVE-2025-45797 1Totolink 1A950rg Firmware May 16, 2025 May 8, 2025 N/A· v4 9.8 CRITICAL· v3 N/A· v2 TOTOlink A950RG V4.1.2cu.5204_B20210112 contains a buffer overflow vulnerability. The vulnerability arises from the improper input validation of the NoticeUrl parameter in the setNoticeCfg interface of /lib/cste_modules/...Show more TOTOlink A950RG V4.1.2cu.5204_B20210112 contains a buffer overflow vulnerability. The vulnerability arises from the improper input validation of the NoticeUrl parameter in the setNoticeCfg interface of /lib/cste_modules/system.so.Show less
CVE-2025-45800 1Totolink 1A950rg Firmware Jun 4, 2025 May 2, 2025 N/A· v4 9.8 CRITICAL· v3 N/A· v2 TOTOLINK A950RG V4.1.2cu.5204_B20210112 contains a command execution vulnerability in the setDeviceName interface of the /lib/cste_modules/global.so library, specifically in the processing of the deviceMac parameter.
CVE-2025-28028 1Totolink 4A3000ru Firmware A3100r FirmwareA830r Firmware+1 more May 6, 2025 Apr 23, 2025 N/A· v4 7.3 HIGH· v3 N/A· v2 TOTOLINK A830R V4.1.2cu.5182_B20201102, A950RG V4.1.2cu.5161_B20200903, A3000RU V5.9c.5185_B20201128, and A3100R V4.1.2cu.5247_B20211129 were found to contain a buffer overflow vulnerability in downloadFile.cgi through t...Show more TOTOLINK A830R V4.1.2cu.5182_B20201102, A950RG V4.1.2cu.5161_B20200903, A3000RU V5.9c.5185_B20201128, and A3100R V4.1.2cu.5247_B20211129 were found to contain a buffer overflow vulnerability in downloadFile.cgi through the v5 parameter.Show less
CVE-2025-28025 1Totolink 4A3000ru Firmware A3100r FirmwareA830r Firmware+1 more May 6, 2025 Apr 23, 2025 N/A· v4 7.3 HIGH· v3 N/A· v2 TOTOLINK A830R V4.1.2cu.5182_B20201102, A950RG V4.1.2cu.5161_B20200903, A3000RU V5.9c.5185_B20201128, and A3100R V4.1.2cu.5247_B20211129 were found to contain a buffer overflow vulnerability in downloadFile.cgi through t...Show more TOTOLINK A830R V4.1.2cu.5182_B20201102, A950RG V4.1.2cu.5161_B20200903, A3000RU V5.9c.5185_B20201128, and A3100R V4.1.2cu.5247_B20211129 were found to contain a buffer overflow vulnerability in downloadFile.cgi through the v14 parameter.Show less
CVE-2025-28036 1Totolink 6A3000ru Firmware A3100r FirmwareA800r Firmware+3 more Apr 29, 2025 Apr 22, 2025 N/A· v4 9.8 CRITICAL· v3 N/A· v2 TOTOLINK A950RG V4.1.2cu.5161_B20200903 was found to contain a pre-auth remote command execution vulnerability in the setNoticeCfg function through the NoticeUrl parameter.
CVE-2025-28035 1Totolink 6A3000ru Firmware A3100r FirmwareA800r Firmware+3 more Apr 29, 2025 Apr 22, 2025 N/A· v4 9.8 CRITICAL· v3 N/A· v2 TOTOLINK A830R V4.1.2cu.5182_B20201102 was found to contain a pre-auth remote command execution vulnerability in the setNoticeCfg function through the NoticeUrl parameter.
CVE-2025-28029 1Totolink 4A3000ru Firmware A3100r FirmwareA830r Firmware+1 more May 7, 2025 Apr 22, 2025 N/A· v4 7.3 HIGH· v3 N/A· v2 TOTOLINK A830R V4.1.2cu.5182_B20201102, A950RG V4.1.2cu.5161_B20200903, A3000RU V5.9c.5185_B20201128, and A3100R V4.1.2cu.5247_B20211129 were found to contain a buffer overflow vulnerability in cstecgi.cgi
CVE-2025-28027 1Totolink 4A3000ru Firmware A3100r FirmwareA830r Firmware+1 more May 7, 2025 Apr 22, 2025 N/A· v4 7.3 HIGH· v3 N/A· v2 TOTOLINK A830R V4.1.2cu.5182_B20201102, A950RG V4.1.2cu.5161_B20200903, A3000RU V5.9c.5185_B20201128, and A3100R V4.1.2cu.5247_B20211129 was found to contain a buffer overflow vulnerability in downloadFile.cgi.
CVE-2025-28026 1Totolink 4A3000ru Firmware A3100r FirmwareA830r Firmware+1 more May 7, 2025 Apr 22, 2025 N/A· v4 7.3 HIGH· v3 N/A· v2 TOTOLINK A830R V4.1.2cu.5182_B20201102, A950RG V4.1.2cu.5161_B20200903, A3000RU V5.9c.5185_B20201128, and A3100R V4.1.2cu.5247_B20211129 were found to contain a buffer overflow vulnerability in downloadFile.cgi.
CVE-2025-28037 1Totolink 2A810r Firmware A950rg Firmware Apr 29, 2025 Apr 22, 2025 N/A· v4 9.8 CRITICAL· v3 N/A· v2 TOTOLINK A810R V4.1.2cu.5182_B20201026 and A950RG V4.1.2cu.5161_B20200903 were found to contain a pre-auth remote command execution vulnerability in the setDiagnosisCfg function through the ipDomain parameter.
CVE-2025-28034 1Totolink 6A3000ru Firmware A3100r FirmwareA800r Firmware+3 more Apr 29, 2025 Apr 22, 2025 N/A· v4 9.8 CRITICAL· v3 N/A· v2 TOTOLINK A800R V4.1.2cu.5137_B20200730, A810R V4.1.2cu.5182_B20201026, A830R V4.1.2cu.5182_B20201102, A950RG V4.1.2cu.5161_B20200903, A3000RU V5.9c.5185_B20201128, and A3100R V4.1.2cu.5247_B20211129 were found to contain...Show more TOTOLINK A800R V4.1.2cu.5137_B20200730, A810R V4.1.2cu.5182_B20201026, A830R V4.1.2cu.5182_B20201102, A950RG V4.1.2cu.5161_B20200903, A3000RU V5.9c.5185_B20201128, and A3100R V4.1.2cu.5247_B20211129 were found to contain a pre-auth remote command execution vulnerability in the NTPSyncWithHost function through the hostTime parameter.Show less

12 Next