← Back

Totolink

totolink

1,106 CVEs • 155 products

Products (155)

Click to collapse
Toggle
X5000r Firmware
x5000r_firmware
70 CVEs
A3300r Firmware
a3300r_firmware
64 CVEs
A3002r Firmware
a3002r_firmware
61 CVEs
X6000r Firmware
x6000r_firmware
57 CVEs
A3002ru Firmware
a3002ru_firmware
49 CVEs
A3100r Firmware
a3100r_firmware
47 CVEs
X2000r Firmware
x2000r_firmware
45 CVEs
A3700r Firmware
a3700r_firmware
43 CVEs
T6 Firmware
t6_firmware
39 CVEs
N600r Firmware
n600r_firmware
38 CVEs
Ex1200t Firmware
ex1200t_firmware
37 CVEs
A7100ru Firmware
a7100ru_firmware
37 CVEs
Lr350 Firmware
lr350_firmware
36 CVEs
A7000r Firmware
a7000r_firmware
35 CVEs
A950rg Firmware
a950rg_firmware
33 CVEs
A702r Firmware
a702r_firmware
32 CVEs
A810r Firmware
a810r_firmware
29 CVEs
A720r Firmware
a720r_firmware
28 CVEs
Ex1800t Firmware
ex1800t_firmware
28 CVEs
Nr1800x Firmware
nr1800x_firmware
27 CVEs
T8 Firmware
t8_firmware
26 CVEs
A830r Firmware
a830r_firmware
25 CVEs
A3000ru Firmware
a3000ru_firmware
25 CVEs
A3600r Firmware
a3600r_firmware
25 CVEs
X15 Firmware
x15_firmware
25 CVEs
Ca300 Poe Firmware
ca300-poe_firmware
24 CVEs
A800r Firmware
a800r_firmware
23 CVEs
T10 Firmware
t10_firmware
22 CVEs
N200re Firmware
n200re_firmware
21 CVEs
N350rt Firmware
n350rt_firmware
21 CVEs
N150rt Firmware
n150rt_firmware
19 CVEs
Ex200 Firmware
ex200_firmware
19 CVEs
Lr1200gb Firmware
lr1200gb_firmware
19 CVEs
Cp450 Firmware
cp450_firmware
19 CVEs
X18 Firmware
x18_firmware
14 CVEs
Cp900 Firmware
cp900_firmware
13 CVEs
A6000r Firmware
a6000r_firmware
13 CVEs
N300rt Firmware
n300rt_firmware
11 CVEs
Ex1200l Firmware
ex1200l_firmware
11 CVEs
Ca600 Poe Firmware
ca600-poe_firmware
10 CVEs
A860r Firmware
a860r_firmware
8 CVEs
Cp900l Firmware
cp900l_firmware
8 CVEs
Cp300+ Firmware
cp300+_firmware
7 CVEs
N300rh Firmware
n300rh_firmware
7 CVEs
Ex300 V2 Firmware
ex300_v2_firmware
6 CVEs
N100re Firmware
n100re_firmware
5 CVEs
N301rt Firmware
n301rt_firmware
4 CVEs
N302r Firmware
n302r_firmware
4 CVEs
T10 V2 Firmware
t10_v2_firmware
4 CVEs
N200re V5 Firmware
n200re-v5_firmware
4 CVEs
N300rh V3 Firmware
n300rh-v3_firmware
3 CVEs
N302r Plus Firmware
n302r_plus_firmware
3 CVEs
Wa300 Firmware
wa300_firmware
3 CVEs
A850r V1 Firmware
a850r-v1_firmware
2 CVEs
F1 V2 Firmware
f1-v2_firmware
2 CVEs
F2 V1 Firmware
f2-v1_firmware
2 CVEs
N150rt V2 Firmware
n150rt-v2_firmware
2 CVEs
N151rt V2 Firmware
n151rt-v2_firmware
2 CVEs
N300rh V2 Firmware
n300rh-v2_firmware
2 CVEs
N300rt V2 Firmware
n300rt-v2_firmware
2 CVEs
A8000ru Firmware
a8000ru_firmware
2 CVEs
Lr1200 Firmware
lr1200_firmware
2 CVEs
N350r Firmware
n350r_firmware
2 CVEs
A3002ru V1 Firmware
a3002ru-v1_firmware
1 CVE
A3002ru V2 Firmware
a3002ru-v2_firmware
1 CVE
A702r V2 Firmware
a702r-v2_firmware
1 CVE
A702r V3 Firmware
a702r-v3_firmware
1 CVE
N100re V3 Firmware
n100re-v3_firmware
1 CVE
N200re V3 Firmware
n200re-v3_firmware
1 CVE
N200re V4 Firmware
n200re-v4_firmware
1 CVE
N210re Firmware
n210re_firmware
1 CVE
Ar3100r Firmware
ar3100r_firmware
1 CVE
A7000ru Firmware
a7000ru_firmware
1 CVE
A3002ru V3 Firmware
a3002ru-v3_firmware
1 CVE
A6000ub Firmware
a6000ub_firmware
1 CVE
N300rb Firmware
n300rb_firmware
1 CVE
Wa1200 Poe
wa1200-poe
1 CVE
Wa1200 Poe Firmware
wa1200-poe_firmware
1 CVE
Soho
soho
0 CVEs
A3002ru
a3002ru
0 CVEs
A702r
a702r
0 CVEs
N301rt
n301rt
0 CVEs
N302r
n302r
0 CVEs
N300rt
n300rt
0 CVEs
N200re
n200re
0 CVEs
N150rt
n150rt
0 CVEs
N100re
n100re
0 CVEs
A850r V1
a850r-v1
0 CVEs
F1 V2
f1-v2
0 CVEs
F2 V1
f2-v1
0 CVEs
N150rt V2
n150rt-v2
0 CVEs
N151rt V2
n151rt-v2
0 CVEs
N300rh V2
n300rh-v2
0 CVEs
N300rh V3
n300rh-v3
0 CVEs
N300rt V2
n300rt-v2
0 CVEs
A3002r
a3002r
0 CVEs
A3002ru V1
a3002ru-v1
0 CVEs
A3002ru V2
a3002ru-v2
0 CVEs
A702r V2
a702r-v2
0 CVEs
A702r V3
a702r-v3
0 CVEs

CVEs (1,106)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2023-51018
1Totolink
1Ex1800t Firmware
Apr 17, 2025
Dec 22, 2023
N/A· v4
9.8 CRITICAL· v3
N/A· v2
TOTOlink EX1800T v9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command execution in the ‘opmode’ parameter of the setWiFiApConfig interface of the cstecgi .cgi.
CVE-2023-51017
1Totolink
1Ex1800t Firmware
Nov 21, 2024
Dec 22, 2023
N/A· v4
9.8 CRITICAL· v3
N/A· v2
TOTOlink EX1800T v9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command execution in the lanIp parameter’ of the setLanConfig interface of the cstecgi .cgi.
CVE-2023-51016
1Totolink
1Ex1800t Firmware
Nov 21, 2024
Dec 22, 2023
N/A· v4
9.8 CRITICAL· v3
N/A· v2
TOTOlink EX1800T v9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command execution in the setRebootScheCfg interface of the cstecgi .cgi.
CVE-2023-51015
1Totolink
1Ex1800t Firmware
Nov 21, 2024
Dec 22, 2023
N/A· v4
9.8 CRITICAL· v3
N/A· v2
TOTOLINX EX1800T v9.1.0cu.2112_B20220316 is vulnerable to arbitrary command execution in the ‘enable parameter’ of the setDmzCfg interface of the cstecgi .cgi
CVE-2023-51014
1Totolink
1Ex1800t Firmware
Nov 21, 2024
Dec 22, 2023
N/A· v4
9.8 CRITICAL· v3
N/A· v2
TOTOLINK EX1800T V9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command execution in the lanSecDns parameter’ of the setLanConfig interface of the cstecgi .cgi
CVE-2023-51013
1Totolink
1Ex1800t Firmware
Nov 21, 2024
Dec 22, 2023
N/A· v4
9.8 CRITICAL· v3
N/A· v2
TOTOlink EX1800T v9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command execution in the lanNetmask parameter’ of the setLanConfig interface of the cstecgi .cgi.
CVE-2023-51012
1Totolink
1Ex1800t Firmware
Nov 21, 2024
Dec 22, 2023
N/A· v4
9.8 CRITICAL· v3
N/A· v2
TOTOlink EX1800T v9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command execution in the lanGateway parameter’ of the setLanConfig interface of the cstecgi .cgi.
CVE-2023-51011
1Totolink
1Ex1800t Firmware
Nov 21, 2024
Dec 22, 2023
N/A· v4
9.8 CRITICAL· v3
N/A· v2
TOTOlink EX1800T v9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command execution in the lanPriDns parameter’ of the setLanConfig interface of the cstecgi .cgi
CVE-2023-50147
1Totolink
1A3700r Firmware
Nov 21, 2024
Dec 22, 2023
N/A· v4
9.8 CRITICAL· v3
N/A· v2
There is an arbitrary command execution vulnerability in the setDiagnosisCfg function of the cstecgi .cgi of the TOTOlink A3700R router device in its firmware version V9.1.2u.5822_B20200513.
CVE-2023-51028
1Totolink
1Ex1800t Firmware
Nov 21, 2024
Dec 22, 2023
N/A· v4
9.8 CRITICAL· v3
N/A· v2
TOTOLINK EX1800T 9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command execution in the apcliChannel parameter of the setWiFiExtenderConfig interface of the cstecgi.cgi.
CVE-2023-51027
1Totolink
1Ex1800t Firmware
Nov 21, 2024
Dec 22, 2023
N/A· v4
9.8 CRITICAL· v3
N/A· v2
TOTOlink EX1800T V9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command execution in the ‘apcliAuthMode’ parameter of the setWiFiExtenderConfig interface of the cstecgi .cgi.
CVE-2023-51026
1Totolink
1Ex1800t Firmware
Nov 21, 2024
Dec 22, 2023
N/A· v4
9.8 CRITICAL· v3
N/A· v2
TOTOlink EX1800T V9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command execution in the ‘hour’ parameter of the setRebootScheCfg interface of the cstecgi .cgi.
CVE-2023-51025
1Totolink
1Ex1800t Firmware
Nov 21, 2024
Dec 22, 2023
N/A· v4
9.8 CRITICAL· v3
N/A· v2
TOTOlink EX1800T V9.1.0cu.2112_B20220316 is vulnerable to an unauthorized arbitrary command execution in the ‘admuser’ parameter of the setPasswordCfg interface of the cstecgi .cgi.
CVE-2023-51024
1Totolink
1Ex1800t Firmware
Nov 21, 2024
Dec 22, 2023
N/A· v4
9.8 CRITICAL· v3
N/A· v2
TOTOlink EX1800T v9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command execution in the ‘tz’ parameter of the setNtpCfg interface of the cstecgi .cgi.
CVE-2023-51023
1Totolink
1Ex1800t Firmware
Nov 21, 2024
Dec 22, 2023
N/A· v4
9.8 CRITICAL· v3
N/A· v2
TOTOlink EX1800T v9.1.0cu.2112_B20220316 is vulnerable to arbitrary command execution in the ‘host_time’ parameter of the NTPSyncWithHost interface of the cstecgi .cgi.
CVE-2023-6906
1Totolink
1A7100ru Firmware
Nov 21, 2024
Dec 18, 2023
N/A· v4
9.8 CRITICAL· v3
10.0 HIGH· v2
A vulnerability, which was classified as critical, was found in Totolink A7100RU 7.4cu.2313_B20191024. Affected is the function main of the file /cgi-bin/cstecgi.cgi?action=login of the component HTTP POST Request Handle...Show more
A vulnerability, which was classified as critical, was found in Totolink A7100RU 7.4cu.2313_B20191024. Affected is the function main of the file /cgi-bin/cstecgi.cgi?action=login of the component HTTP POST Request Handler. The manipulation of the argument flag with the input ie8 leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-248268. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.Show less
CVE-2023-49418
1Totolink
1A7000r Firmware
Nov 21, 2024
Dec 11, 2023
N/A· v4
9.8 CRITICAL· v3
N/A· v2
TOTOLink A7000R V9.1.0u.6115_B20201022has a stack overflow vulnerability via setIpPortFilterRules.
CVE-2023-49417
1Totolink
1A7000r Firmware
May 27, 2025
Dec 11, 2023
N/A· v4
9.8 CRITICAL· v3
N/A· v2
TOTOLink A7000R V9.1.0u.6115_B20201022 has a stack overflow vulnerability via setOpModeCfg.
CVE-2023-6612
1Totolink
1X5000r Firmware
Nov 21, 2024
Dec 8, 2023
N/A· v4
9.8 CRITICAL· v3
5.2 MEDIUM· v2
A vulnerability was found in Totolink X5000R 9.1.0cu.2300_B20230112. It has been rated as critical. This issue affects the function setDdnsCfg/setDynamicRoute/setFirewallType/setIPSecCfg/setIpPortFilterRules/setLancfg/se...Show more
A vulnerability was found in Totolink X5000R 9.1.0cu.2300_B20230112. It has been rated as critical. This issue affects the function setDdnsCfg/setDynamicRoute/setFirewallType/setIPSecCfg/setIpPortFilterRules/setLancfg/setLoginPasswordCfg/setMacFilterRules/setMtknatCfg/setNetworkConfig/setPortForwardRules/setRemoteCfg/setSSServer/setScheduleCfg/setSmartQosCfg/setStaticDhcpRules/setStaticRoute/setVpnAccountCfg/setVpnPassCfg/setVpnUser/setWiFiAclAddConfig/setWiFiEasyGuestCfg/setWiFiGuestCfg/setWiFiRepeaterConfig/setWiFiScheduleCfg/setWizardCfg of the file /cgi-bin/cstecgi.cgi. The manipulation leads to os command injection. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-247247. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.Show less
CVE-2023-48860
1Totolink
1N300rt Firmware
Nov 21, 2024
Dec 7, 2023
N/A· v4
9.8 CRITICAL· v3
N/A· v2
TOTOLINK N300RT version 3.2.4-B20180730.0906 has a post-authentication RCE due to incorrect access control, allows attackers can bypass front-end security restrictions and execute arbitrary code.