totolink
1,236 tracked vulnerabilities.
CVE-2025-12259
HIGH
TOTOLINK A3300R 17.0.0cu.557_B20221024 - Stack-Based Buffer Overflow via setScheduleCfg recHour Parameter
Oct 27, 2025
CVSS 8.8
EPSS 0.01
CVE-2025-12258
HIGH
TOTOLINK A3300R 17.0.0cu.557_B20221024 - Stack-Based Buffer Overflow via opmode Parameter
Oct 27, 2025
CVSS 8.8
EPSS 0.01
CVE-2025-12241
HIGH
TOTOLINK A3300R 17.0.0cu.557_B20221024 - Stack-based Buffer Overflow via lang Parameter in setLanguageCfg
Oct 27, 2025
CVSS 8.8
EPSS 0.01
CVE-2025-12240
HIGH
TOTOLINK A3300R 17.0.0cu.557_B20221024 - Buffer Overflow via setDmzCfg IP Parameter
Oct 27, 2025
CVSS 8.8
EPSS 0.01
CVE-2025-12239
HIGH
TOTOLINK A3300R 17.0.0cu.557_B20221024 - Buffer Overflow in setDdnsCfg Function
Oct 27, 2025
CVSS 8.8
EPSS 0.01
CVE-2025-60336
HIGH
TOTOLINK N600R <4.3.0cu.7866_B20220506 - DoS
Oct 22, 2025
CVSS 7.5
EPSS 0.02
CVE-2025-60335
HIGH
TOTOLINK N600R <4.3.0cu.7866_B20220506 - DoS
Oct 22, 2025
CVSS 7.5
EPSS 0.02
CVE-2025-60334
HIGH
TOTOLINK N600R v4.3.0cu.7866_B20220506 - DoS
Oct 22, 2025
CVSS 7.5
EPSS 0.01
CVE-2025-60333
HIGH
TOTOLINK N600R v4.3.0cu.7866_B20220506 - DoS
Oct 22, 2025
CVSS 7.5
EPSS 0.00
CVE-2025-11444
HIGH
TOTOLINK N600R <4.3.0cu.7866_B20220506 - Buffer Overflow
Oct 08, 2025
CVSS 8.8
EPSS 0.01
CVE-2025-61045
CRITICAL
TOTOLINK X18 V9.1.0cu.2053_B20230309 - Command Injection
Oct 01, 2025
CVSS 9.8
EPSS 0.02
CVE-2025-61044
CRITICAL
TOTOLINK X18 V9.1.0cu.2053_B20230309 - Command Injection
Oct 01, 2025
CVSS 9.8
EPSS 0.01
CVE-2025-11005
CRITICAL
TOTOLINK X6000R -<9.4.0cu.1458_B20250708 - Code Injection
Sep 25, 2025
CVSS 9.8
EPSS 0.01
CVE-2025-57623
MEDIUM
TOTOLINK N600R Firmware v4.3.0cu.7866_B2022506 - Denial of Service via NULL Pointer Dereference
Sep 25, 2025
CVSS 5.3
EPSS 0.00
CVE-2025-52907
HIGH
TOTOLINK X6000R < 9.4.0cu.1360_b20241207 - Command Injection and File Manipulation via Improper Input Validation
Sep 24, 2025
CVSS 8.8
EPSS 0.01
CVE-2025-52906
CRITICAL
TOTOLINK X6000R < 9.4.0cu.1360_b20241207 - OS Command Injection
Sep 24, 2025
CVSS 9.8
EPSS 0.13
CVE-2025-52905
HIGH
TOTOLINK X6000R <= V9.4.0cu.1360_B20241207 - Denial of Service via Flooding
Sep 23, 2025
CVSS 7.5
EPSS 0.08
CVE-2025-52053
CRITICAL
TOTOLINK X6000R V9.4.0cu.1360_B20241207 - Unauthenticated Command Injection via file_name Parameter
Sep 15, 2025
CVSS 9.8
EPSS 0.04
CVE-2025-57579
HIGH
TOTOLINK X2000R-Gh-V2.0.0 - Remote Code Execution via Default Password
Sep 12, 2025
CVSS 8.0
EPSS 0.01
CVE-2025-9935
HIGH
TOTOLINK N600R 4.3.0cu.7866_B20220506 - Unauthenticated Command Injection via cstecgi.cgi
Sep 04, 2025
CVSS 7.3
EPSS 0.03
CVE-2025-9934
MEDIUM
TOTOLINK X5000R 9.1.0cu.2415_B20250515 - OS Command Injection via pid Parameter
Sep 04, 2025
CVSS 6.3
EPSS 0.04
CVE-2025-9783
HIGH
TOTOLINK A702R 4.0.0-B20211108.1423 - Buffer Overflow via Parent Control Form Submit-URL
Sep 01, 2025
CVSS 8.8
EPSS 0.01
CVE-2025-9782
HIGH
TOTOLINK A702R 4.0.0-B20211108.1423 - Buffer Overflow via formOneKeyAccessButton submit-url Argument
Sep 01, 2025
CVSS 8.8
EPSS 0.01
CVE-2025-9781
HIGH
TOTOLINK A702R 4.0.0-B20211108.1423 - Buffer Overflow via formFilter ip6addr Argument
Sep 01, 2025
CVSS 8.8
EPSS 0.01
CVE-2025-9780
HIGH
TOTOLINK A702R 4.0.0-B20211108.1423 - Buffer Overflow via formIpQoS mac Parameter
Sep 01, 2025
CVSS 8.8
EPSS 0.01
Products
x5000r_firmware 70
a3300r_firmware 64
a3002r_firmware 61
x6000r_firmware 57
A8000RU 50
a3002ru_firmware 49
a3100r_firmware 47
x2000r_firmware 45
a3700r_firmware 43
A7100RU 40
t6_firmware 39
n600r_firmware 38
a7100ru_firmware 37
ex1200t_firmware 37
lr350_firmware 36
a7000r_firmware 35
a950rg_firmware 33
a702r_firmware 32
a810r_firmware 29
a720r_firmware 28
ex1800t_firmware 28
nr1800x_firmware 27
t8_firmware 26
a3000ru_firmware 25
a3600r_firmware 25
a830r_firmware 25
x15_firmware 25
ca300-poe_firmware 24
a800r_firmware 23
t10_firmware 22
Quick Filters