← Back

Totolink

totolink

1,106 CVEs • 155 products

Products (155)

Click to collapse
Toggle
X5000r Firmware
x5000r_firmware
70 CVEs
A3300r Firmware
a3300r_firmware
64 CVEs
A3002r Firmware
a3002r_firmware
61 CVEs
X6000r Firmware
x6000r_firmware
57 CVEs
A3002ru Firmware
a3002ru_firmware
49 CVEs
A3100r Firmware
a3100r_firmware
47 CVEs
X2000r Firmware
x2000r_firmware
45 CVEs
A3700r Firmware
a3700r_firmware
43 CVEs
T6 Firmware
t6_firmware
39 CVEs
N600r Firmware
n600r_firmware
38 CVEs
Ex1200t Firmware
ex1200t_firmware
37 CVEs
A7100ru Firmware
a7100ru_firmware
37 CVEs
Lr350 Firmware
lr350_firmware
36 CVEs
A7000r Firmware
a7000r_firmware
35 CVEs
A950rg Firmware
a950rg_firmware
33 CVEs
A702r Firmware
a702r_firmware
32 CVEs
A810r Firmware
a810r_firmware
29 CVEs
A720r Firmware
a720r_firmware
28 CVEs
Ex1800t Firmware
ex1800t_firmware
28 CVEs
Nr1800x Firmware
nr1800x_firmware
27 CVEs
T8 Firmware
t8_firmware
26 CVEs
A830r Firmware
a830r_firmware
25 CVEs
A3000ru Firmware
a3000ru_firmware
25 CVEs
A3600r Firmware
a3600r_firmware
25 CVEs
X15 Firmware
x15_firmware
25 CVEs
Ca300 Poe Firmware
ca300-poe_firmware
24 CVEs
A800r Firmware
a800r_firmware
23 CVEs
T10 Firmware
t10_firmware
22 CVEs
N200re Firmware
n200re_firmware
21 CVEs
N350rt Firmware
n350rt_firmware
21 CVEs
N150rt Firmware
n150rt_firmware
19 CVEs
Ex200 Firmware
ex200_firmware
19 CVEs
Lr1200gb Firmware
lr1200gb_firmware
19 CVEs
Cp450 Firmware
cp450_firmware
19 CVEs
X18 Firmware
x18_firmware
14 CVEs
Cp900 Firmware
cp900_firmware
13 CVEs
A6000r Firmware
a6000r_firmware
13 CVEs
N300rt Firmware
n300rt_firmware
11 CVEs
Ex1200l Firmware
ex1200l_firmware
11 CVEs
Ca600 Poe Firmware
ca600-poe_firmware
10 CVEs
A860r Firmware
a860r_firmware
8 CVEs
Cp900l Firmware
cp900l_firmware
8 CVEs
Cp300+ Firmware
cp300+_firmware
7 CVEs
N300rh Firmware
n300rh_firmware
7 CVEs
Ex300 V2 Firmware
ex300_v2_firmware
6 CVEs
N100re Firmware
n100re_firmware
5 CVEs
N301rt Firmware
n301rt_firmware
4 CVEs
N302r Firmware
n302r_firmware
4 CVEs
T10 V2 Firmware
t10_v2_firmware
4 CVEs
N200re V5 Firmware
n200re-v5_firmware
4 CVEs
N300rh V3 Firmware
n300rh-v3_firmware
3 CVEs
N302r Plus Firmware
n302r_plus_firmware
3 CVEs
Wa300 Firmware
wa300_firmware
3 CVEs
A850r V1 Firmware
a850r-v1_firmware
2 CVEs
F1 V2 Firmware
f1-v2_firmware
2 CVEs
F2 V1 Firmware
f2-v1_firmware
2 CVEs
N150rt V2 Firmware
n150rt-v2_firmware
2 CVEs
N151rt V2 Firmware
n151rt-v2_firmware
2 CVEs
N300rh V2 Firmware
n300rh-v2_firmware
2 CVEs
N300rt V2 Firmware
n300rt-v2_firmware
2 CVEs
A8000ru Firmware
a8000ru_firmware
2 CVEs
Lr1200 Firmware
lr1200_firmware
2 CVEs
N350r Firmware
n350r_firmware
2 CVEs
A3002ru V1 Firmware
a3002ru-v1_firmware
1 CVE
A3002ru V2 Firmware
a3002ru-v2_firmware
1 CVE
A702r V2 Firmware
a702r-v2_firmware
1 CVE
A702r V3 Firmware
a702r-v3_firmware
1 CVE
N100re V3 Firmware
n100re-v3_firmware
1 CVE
N200re V3 Firmware
n200re-v3_firmware
1 CVE
N200re V4 Firmware
n200re-v4_firmware
1 CVE
N210re Firmware
n210re_firmware
1 CVE
Ar3100r Firmware
ar3100r_firmware
1 CVE
A7000ru Firmware
a7000ru_firmware
1 CVE
A3002ru V3 Firmware
a3002ru-v3_firmware
1 CVE
A6000ub Firmware
a6000ub_firmware
1 CVE
N300rb Firmware
n300rb_firmware
1 CVE
Wa1200 Poe
wa1200-poe
1 CVE
Wa1200 Poe Firmware
wa1200-poe_firmware
1 CVE
Soho
soho
0 CVEs
A3002ru
a3002ru
0 CVEs
A702r
a702r
0 CVEs
N301rt
n301rt
0 CVEs
N302r
n302r
0 CVEs
N300rt
n300rt
0 CVEs
N200re
n200re
0 CVEs
N150rt
n150rt
0 CVEs
N100re
n100re
0 CVEs
A850r V1
a850r-v1
0 CVEs
F1 V2
f1-v2
0 CVEs
F2 V1
f2-v1
0 CVEs
N150rt V2
n150rt-v2
0 CVEs
N151rt V2
n151rt-v2
0 CVEs
N300rh V2
n300rh-v2
0 CVEs
N300rh V3
n300rh-v3
0 CVEs
N300rt V2
n300rt-v2
0 CVEs
A3002r
a3002r
0 CVEs
A3002ru V1
a3002ru-v1
0 CVEs
A3002ru V2
a3002ru-v2
0 CVEs
A702r V2
a702r-v2
0 CVEs
A702r V3
a702r-v3
0 CVEs

CVEs (1,106)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2024-41319
1Totolink
1A6000r Firmware
Nov 21, 2024
Jul 23, 2024
N/A· v4
9.8 CRITICAL· v3
N/A· v2
TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection vulnerability via the cmd parameter in the webcmd function.
CVE-2024-41320
1Totolink
1A6000r Firmware
Apr 3, 2025
Jul 22, 2024
N/A· v4
8.8 HIGH· v3
N/A· v2
TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection vulnerability via the ifname parameter in the get_apcli_conn_info function.
CVE-2024-41318
1Totolink
1A6000r Firmware
Apr 3, 2025
Jul 22, 2024
N/A· v4
9.8 CRITICAL· v3
N/A· v2
TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection vulnerability via the ifname parameter in the apcli_wps_gen_pincode function.
CVE-2024-41317
1Totolink
1A6000r Firmware
Apr 3, 2025
Jul 22, 2024
N/A· v4
8.0 HIGH· v3
N/A· v2
TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection vulnerability via the ifname parameter in the apcli_do_enr_pbc_wps function.
CVE-2024-41316
1Totolink
1A6000r Firmware
Apr 3, 2025
Jul 22, 2024
N/A· v4
9.8 CRITICAL· v3
N/A· v2
TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection vulnerability via the ifname parameter in the apcli_cancel_wps function.
CVE-2024-41315
1Totolink
1A6000r Firmware
Apr 3, 2025
Jul 22, 2024
N/A· v4
6.8 MEDIUM· v3
N/A· v2
TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection vulnerability via the ifname parameter in the apcli_do_enr_pin_wps function.
CVE-2024-41314
1Totolink
1A6000r Firmware
Apr 3, 2025
Jul 22, 2024
N/A· v4
6.8 MEDIUM· v3
N/A· v2
TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection vulnerability via the iface parameter in the vif_disable function.
CVE-2024-37626
1Totolink
1A6000r Firmware
Apr 3, 2025
Jun 20, 2024
N/A· v4
8.8 HIGH· v3
N/A· v2
A command injection issue in TOTOLINK A6000R V1.0.1-B20201211.2000 firmware allows a remote attacker to execute arbitrary code via the iface parameter in the vif_enable function.
CVE-2024-37640
1Totolink
1A3700r Firmware
Apr 3, 2025
Jun 14, 2024
N/A· v4
8.8 HIGH· v3
N/A· v2
TOTOLINK A3700R V9.1.2u.6165_20211012 was discovered to contain a stack overflow via ssid5g in the function setWiFiEasyGuestCfg.
CVE-2024-37639
1Totolink
1A3700r Firmware
Apr 3, 2025
Jun 14, 2024
N/A· v4
8.8 HIGH· v3
N/A· v2
TOTOLINK A3700R V9.1.2u.6165_20211012 was discovered to contain a stack overflow via eport in the function setIpPortFilterRules.
CVE-2024-37637
1Totolink
1A3700r Firmware
Apr 3, 2025
Jun 14, 2024
N/A· v4
9.8 CRITICAL· v3
N/A· v2
TOTOLINK A3700R V9.1.2u.6165_20211012 was discovered to contain a stack overflow via ssid5g in the function setWizardCfg.
CVE-2024-37635
1Totolink
1A3700r Firmware
Nov 21, 2024
Jun 13, 2024
N/A· v4
9.8 CRITICAL· v3
N/A· v2
TOTOLINK A3700R V9.1.2u.6165_20211012 was discovered to contain a stack overflow via ssid in the function setWiFiBasicCfg
CVE-2024-37634
1Totolink
1A3700r Firmware
Apr 3, 2025
Jun 13, 2024
N/A· v4
9.8 CRITICAL· v3
N/A· v2
TOTOLINK A3700R V9.1.2u.6165_20211012 was discovered to contain a stack overflow via ssid in the function setWiFiEasyCfg.
CVE-2024-37633
1Totolink
1A3700r Firmware
Apr 3, 2025
Jun 13, 2024
N/A· v4
8.8 HIGH· v3
N/A· v2
TOTOLINK A3700R V9.1.2u.6165_20211012 was discovered to contain a stack overflow via ssid in the function setWiFiGuestCfg
CVE-2024-37632
1Totolink
1A3700r Firmware
Mar 13, 2025
Jun 13, 2024
N/A· v4
9.8 CRITICAL· v3
N/A· v2
TOTOLINK A3700R V9.1.2u.6165_20211012 was discovered to contain a stack overflow via the password parameter in function loginAuth .
CVE-2024-37631
1Totolink
1A3700r Firmware
Apr 3, 2025
Jun 13, 2024
N/A· v4
8.8 HIGH· v3
N/A· v2
TOTOLINK A3700R V9.1.2u.6165_20211012 was discovered to contain a stack overflow via the File parameter in function UploadCustomModule.
CVE-2024-36650
1Totolink
1A3100r Firmware
Jun 4, 2025
Jun 11, 2024
N/A· v4
7.5 HIGH· v3
N/A· v2
TOTOLINK AC1200 Wireless Dual Band Gigabit Router firmware A3100R V4.1.2cu.5247_B20211129, in the cgi function `setNoticeCfg` of the file `/lib/cste_modules/system.so`, the length of the user input string `NoticeUrl` is...Show more
TOTOLINK AC1200 Wireless Dual Band Gigabit Router firmware A3100R V4.1.2cu.5247_B20211129, in the cgi function `setNoticeCfg` of the file `/lib/cste_modules/system.so`, the length of the user input string `NoticeUrl` is not checked. This can lead to a buffer overflow, allowing attackers to construct malicious HTTP or MQTT requests to cause a denial-of-service attack.Show less
CVE-2024-36782
1Totolink
1Cp300+ Firmware
May 30, 2025
Jun 3, 2024
N/A· v4
9.8 CRITICAL· v3
N/A· v2
TOTOLINK CP300 V2.0.4-B20201102 was discovered to contain a hardcoded password vulnerability in /etc/shadow.sample, which allows attackers to log in as root.
CVE-2024-36783
1Totolink
1Lr350 Firmware
Apr 4, 2025
Jun 3, 2024
N/A· v4
9.8 CRITICAL· v3
N/A· v2
TOTOLINK LR350 V9.3.5u.6369_B20220309 was discovered to contain a command injection via the host_time parameter in the NTPSyncWithHost function.
CVE-2024-35403
1Totolink
1Cp900l Firmware
Apr 3, 2025
May 28, 2024
N/A· v4
2.7 LOW· v3
N/A· v2
TOTOLINK CP900L v4.1.5cu.798_B20221228 was discovered to contain a stack overflow via the desc parameter in the function setIpPortFilterRules