totolink

1,237 tracked vulnerabilities.

CVE-2023-36955 CRITICAL
TOTOLINK CP300+ <=V5.2cu.7594_B20200910 - Buffer Overflow
Oct 16, 2023
CVSS 9.8
EPSS 0.01
CVE-2023-36954 CRITICAL
TOTOLINK CP300+ <V5.2cu.7594_B20200910 - Command Injection
Oct 16, 2023
CVSS 9.8
EPSS 0.02
CVE-2023-36953 CRITICAL
TOTOLINK CP300+ <V5.2cu.7594_B20200910 - Command Injection
Oct 16, 2023
CVSS 9.8
EPSS 0.02
CVE-2023-36950 CRITICAL
TOTOLINK X5000R V9.1.0u.6118_B20201102 & A7000R V9.1.0u.6115_B20201022 - Stack-based Buffer Overflow via http_host
Oct 16, 2023
CVSS 9.8
EPSS 0.01
CVE-2023-36952 CRITICAL
TOTOLINK CP300+ V5.2cu.7594_B20200910 - Buffer Overflow
Oct 16, 2023
CVSS 9.8
EPSS 0.01
CVE-2023-36947 CRITICAL
TOTOLINK X5000R/A7000R <9.1.0u - Buffer Overflow
Oct 16, 2023
CVSS 9.8
EPSS 0.01
CVE-2023-36340 CRITICAL
TOTOLINK NR1800X 9.1.0u.6279_B20210910 - Buffer Overflow
Oct 16, 2023
CVSS 9.8
EPSS 0.01
CVE-2023-43141 CRITICAL
TOTOLINK A3700R and N600R Firmware - Improper Access Control
Sep 25, 2023
CVSS 9.8
EPSS 0.01
CVE-2023-4746 HIGH
TOTOLINK N200RE V5 9.3.5u.6437_B20230519 - Format String Vulnerability in Validity_check Function
Sep 04, 2023
CVSS 8.8
EPSS 0.03
CVE-2023-39618 CRITICAL
TOTOLINK X5000R B20210419 - Remote Code Execution via setTracerouteCfg Interface
Aug 21, 2023
CVSS 9.8
EPSS 0.01
CVE-2023-39617 CRITICAL
TOTOLINK X5000R Firmware - Remote Code Execution via setLanguageCfg lang Parameter
Aug 21, 2023
CVSS 9.8
EPSS 0.01
CVE-2023-4412 MEDIUM
TOTOLINK EX1200L EN_V9.3.5u.6146_B20201023 - OS Command Injection via setWanCfg Function
Aug 18, 2023
CVSS 6.3
EPSS 0.03
CVE-2023-4411 MEDIUM
TOTOLINK EX1200L EN_V9.3.5u.6146_B20201023 - OS Command Injection via setTracerouteCfg
Aug 18, 2023
CVSS 6.3
EPSS 0.05
CVE-2023-4410 MEDIUM
TOTOLINK EX1200L EN_V9.3.5u.6146_B20201023 - OS Command Injection via setDiagnosisCfg
Aug 18, 2023
CVSS 6.3
EPSS 0.03
CVE-2023-40042 CRITICAL
TOTOLINK T10_v2 5.9c.5061_B20200511 - Stack-based Buffer Overflow in setStaticDhcpConfig via MQTT Comment Parameter
Aug 08, 2023
CVSS 9.8
EPSS 0.01
CVE-2023-40041 CRITICAL
TOTOLINK T10_v2 5.9c.5061_B20200511 - Stack-based Buffer Overflow in setWiFiWpsConfig via MQTT PIN Parameter
Aug 08, 2023
CVSS 9.8
EPSS 0.01
CVE-2023-34669 HIGH
TOTOLINK CP300+ V5.2cu.7594 - Denial of Service via RebootSystem Function
Jul 17, 2023
CVSS 7.5
EPSS 0.01
CVE-2023-37173 CRITICAL
TOTOLINK A3300R V17.0.0cu.557_B20221024 - OS Command Injection via setTracerouteCfg Command Parameter
Jul 07, 2023
CVSS 9.8
EPSS 0.02
CVE-2023-37172 CRITICAL
TOTOLINK A3300R V17.0.0cu.557_B20221024 - OS Command Injection via setDiagnosisCfg ip Parameter
Jul 07, 2023
CVSS 9.8
EPSS 0.02
CVE-2023-37171 CRITICAL
TOTOLINK A3300R V17.0.0cu.557_B20221024 - OS Command Injection via admuser Parameter
Jul 07, 2023
CVSS 9.8
EPSS 0.02
CVE-2023-37170 CRITICAL
TOTOLINK A3300R V17.0.0cu.557_B20221024 - Unauthenticated Remote Code Execution via Lang Parameter in setLanguageCfg
Jul 07, 2023
CVSS 9.8
EPSS 0.02
CVE-2023-37149 CRITICAL
TOTOLINK LR350 V9.3.5u.6369_B20220309 - OS Command Injection via FileName Parameter
Jul 07, 2023
CVSS 9.8
EPSS 0.02
CVE-2023-37148 CRITICAL
TOTOLINK LR350 V9.3.5u.6369_B20220309 - OS Command Injection via setUssd ussd Parameter
Jul 07, 2023
CVSS 9.8
EPSS 0.02
CVE-2023-37146 CRITICAL
TOTOLINK LR350 V9.3.5u.6369_B20220309 - OS Command Injection via UploadFirmwareFile FileName Parameter
Jul 07, 2023
CVSS 9.8
EPSS 0.02
CVE-2023-37145 CRITICAL
TOTOLINK LR350 V9.3.5u.6369_B20220309 - OS Command Injection via Hostname Parameter
Jul 07, 2023
CVSS 9.8
EPSS 0.02