totolink

1,236 tracked vulnerabilities.

CVE-2025-12259 HIGH
TOTOLINK A3300R 17.0.0cu.557_B20221024 - Stack-Based Buffer Overflow via setScheduleCfg recHour Parameter
Oct 27, 2025
CVSS 8.8
EPSS 0.01
CVE-2025-12258 HIGH
TOTOLINK A3300R 17.0.0cu.557_B20221024 - Stack-Based Buffer Overflow via opmode Parameter
Oct 27, 2025
CVSS 8.8
EPSS 0.01
CVE-2025-12241 HIGH
TOTOLINK A3300R 17.0.0cu.557_B20221024 - Stack-based Buffer Overflow via lang Parameter in setLanguageCfg
Oct 27, 2025
CVSS 8.8
EPSS 0.01
CVE-2025-12240 HIGH
TOTOLINK A3300R 17.0.0cu.557_B20221024 - Buffer Overflow via setDmzCfg IP Parameter
Oct 27, 2025
CVSS 8.8
EPSS 0.01
CVE-2025-12239 HIGH
TOTOLINK A3300R 17.0.0cu.557_B20221024 - Buffer Overflow in setDdnsCfg Function
Oct 27, 2025
CVSS 8.8
EPSS 0.01
CVE-2025-60336 HIGH
TOTOLINK N600R <4.3.0cu.7866_B20220506 - DoS
Oct 22, 2025
CVSS 7.5
EPSS 0.02
CVE-2025-60335 HIGH
TOTOLINK N600R <4.3.0cu.7866_B20220506 - DoS
Oct 22, 2025
CVSS 7.5
EPSS 0.02
CVE-2025-60334 HIGH
TOTOLINK N600R v4.3.0cu.7866_B20220506 - DoS
Oct 22, 2025
CVSS 7.5
EPSS 0.01
CVE-2025-60333 HIGH
TOTOLINK N600R v4.3.0cu.7866_B20220506 - DoS
Oct 22, 2025
CVSS 7.5
EPSS 0.00
CVE-2025-11444 HIGH
TOTOLINK N600R <4.3.0cu.7866_B20220506 - Buffer Overflow
Oct 08, 2025
CVSS 8.8
EPSS 0.01
CVE-2025-61045 CRITICAL
TOTOLINK X18 V9.1.0cu.2053_B20230309 - Command Injection
Oct 01, 2025
CVSS 9.8
EPSS 0.02
CVE-2025-61044 CRITICAL
TOTOLINK X18 V9.1.0cu.2053_B20230309 - Command Injection
Oct 01, 2025
CVSS 9.8
EPSS 0.01
CVE-2025-11005 CRITICAL
TOTOLINK X6000R -<9.4.0cu.1458_B20250708 - Code Injection
Sep 25, 2025
CVSS 9.8
EPSS 0.01
CVE-2025-57623 MEDIUM
TOTOLINK N600R Firmware v4.3.0cu.7866_B2022506 - Denial of Service via NULL Pointer Dereference
Sep 25, 2025
CVSS 5.3
EPSS 0.00
CVE-2025-52907 HIGH
TOTOLINK X6000R < 9.4.0cu.1360_b20241207 - Command Injection and File Manipulation via Improper Input Validation
Sep 24, 2025
CVSS 8.8
EPSS 0.01
CVE-2025-52906 CRITICAL
TOTOLINK X6000R < 9.4.0cu.1360_b20241207 - OS Command Injection
Sep 24, 2025
CVSS 9.8
EPSS 0.13
CVE-2025-52905 HIGH
TOTOLINK X6000R <= V9.4.0cu.1360_B20241207 - Denial of Service via Flooding
Sep 23, 2025
CVSS 7.5
EPSS 0.08
CVE-2025-52053 CRITICAL
TOTOLINK X6000R V9.4.0cu.1360_B20241207 - Unauthenticated Command Injection via file_name Parameter
Sep 15, 2025
CVSS 9.8
EPSS 0.04
CVE-2025-57579 HIGH
TOTOLINK X2000R-Gh-V2.0.0 - Remote Code Execution via Default Password
Sep 12, 2025
CVSS 8.0
EPSS 0.01
CVE-2025-9935 HIGH
TOTOLINK N600R 4.3.0cu.7866_B20220506 - Unauthenticated Command Injection via cstecgi.cgi
Sep 04, 2025
CVSS 7.3
EPSS 0.03
CVE-2025-9934 MEDIUM
TOTOLINK X5000R 9.1.0cu.2415_B20250515 - OS Command Injection via pid Parameter
Sep 04, 2025
CVSS 6.3
EPSS 0.04
CVE-2025-9783 HIGH
TOTOLINK A702R 4.0.0-B20211108.1423 - Buffer Overflow via Parent Control Form Submit-URL
Sep 01, 2025
CVSS 8.8
EPSS 0.01
CVE-2025-9782 HIGH
TOTOLINK A702R 4.0.0-B20211108.1423 - Buffer Overflow via formOneKeyAccessButton submit-url Argument
Sep 01, 2025
CVSS 8.8
EPSS 0.01
CVE-2025-9781 HIGH
TOTOLINK A702R 4.0.0-B20211108.1423 - Buffer Overflow via formFilter ip6addr Argument
Sep 01, 2025
CVSS 8.8
EPSS 0.01
CVE-2025-9780 HIGH
TOTOLINK A702R 4.0.0-B20211108.1423 - Buffer Overflow via formIpQoS mac Parameter
Sep 01, 2025
CVSS 8.8
EPSS 0.01