totolink
1,237 tracked vulnerabilities.
CVE-2021-45733
CRITICAL
TOTOLINK X5000R <9.1.0u.6118 - Command Injection
Feb 04, 2022
CVSS 9.8
EPSS 0.04
CVE-2021-44247
CRITICAL
Totolink A3100R v4.1.2cu.5050_B20200504, A830R v5.9c.4729_B20191112, A720R v4.1.5cu.470_B20200911 - OS Command Injection
Feb 04, 2022
CVSS 9.8
EPSS 0.03
CVE-2021-44246
HIGH
Totolink A720R A830R A3100R Firmware - Denial of Service via setNoticeCfg IpTo Parameter
Feb 04, 2022
CVSS 7.5
EPSS 0.01
CVE-2021-43711
CRITICAL
TOTOLINK EX200 V4.0.3c.7646_B20201211 - Command Injection
Jan 04, 2022
CVSS 9.8
EPSS 0.38
CVE-2021-34228
MEDIUM
TOTOLINK A3002R V1.1.1-B20200824 - Stored Cross-Site Scripting in Parent Control Description and Service Name Fields
Aug 20, 2021
CVSS 6.1
EPSS 0.29
CVE-2021-34223
MEDIUM
TOTOLINK A3002R V1.1.1-B20200824 - Stored Cross-Site Scripting via URL Address Field
Aug 20, 2021
CVSS 6.1
EPSS 0.01
CVE-2021-34220
MEDIUM
TOTOLINK A3002R V1.1.1-B20200824 - Stored Cross-Site Scripting in tr069config.htm via User Name or Password Field
Aug 20, 2021
CVSS 6.1
EPSS 0.01
CVE-2021-34218
MEDIUM
TOTOLINK-A702R-V1.0.0-B20161227.1023 - Info Disclosure
Aug 20, 2021
CVSS 5.3
EPSS 0.01
CVE-2021-34215
MEDIUM
TOTOLINK A3002R V1.1.1-B20200824 - Stored Cross-Site Scripting via Service Name Field
Aug 20, 2021
CVSS 6.1
EPSS 0.01
CVE-2021-34207
MEDIUM
TOTOLINK A3002R V1.1.1-B20200824 - Stored Cross-Site Scripting in ddns.htm
Aug 20, 2021
CVSS 6.1
EPSS 0.01
CVE-2021-35327
CRITICAL
TOTOLINK A720R <4.1.5cu.470_B20200911 - RCE
Aug 05, 2021
CVSS 9.8
EPSS 0.01
CVE-2021-35326
HIGH
TOTOLINK A720R <4.1.5cu.470 - Info Disclosure
Aug 05, 2021
CVSS 7.5
EPSS 0.03
CVE-2021-35325
HIGH
TOTOLINK A720R Firmware v4.1.5cu.470_B20200911 - Stack Overflow in checkLoginUser
Aug 05, 2021
CVSS 7.5
EPSS 0.13
CVE-2021-35324
CRITICAL
TOTOLINK A720R <V4.1.5cu.470 - Auth Bypass
Aug 05, 2021
CVSS 9.8
EPSS 0.10
CVE-2021-27710
CRITICAL
TOTOLINK X5000R <9.1.0u.6118_B20201102 - Command Injection
Apr 14, 2021
CVSS 9.8
EPSS 0.08
CVE-2021-27708
CRITICAL
TOTOLINK X5000R <9.1.0u.6118_B20201102 - Command Injection
Apr 14, 2021
CVSS 9.8
EPSS 0.08
CVE-2020-23617
MEDIUM
Totolink N200RE/N100RE Router 2.0 - XSS
May 02, 2022
CVSS 6.1
EPSS 0.01
CVE-2020-27368
MEDIUM
TOTOLINK-A702R-V1.0.0-B20161227.1023 - Info Disclosure
Jan 14, 2021
CVSS 5.5
EPSS 0.00
CVE-2020-25499
HIGH
TOTOLINK A3002RU-V2 < 2.1.1-b20200911.1756 - Authenticated OS Command Injection via Run Command
Dec 09, 2020
CVSS 8.8
EPSS 0.04
CVE-2019-19824
HIGH
NUCLEI
TOTOLINK Realtek SDK Routers - Authenticated OS Command Injection via sysCmd Parameter
Jan 27, 2020
CVSS 8.8
EPSS 0.25
CVE-2019-19823
HIGH
NUCLEI
TOTOLINK A3002RU < 2.0.0 - Cleartext Password Storage in Flash Memory
Jan 27, 2020
CVSS 7.5
EPSS 0.06
CVE-2019-19822
HIGH
NUCLEI
TOTOLINK A3002RU < 2.0.0 - Unauthenticated Sensitive Data Exposure via Configuration Retrieval
Jan 27, 2020
CVSS 7.5
EPSS 0.09
CVE-2019-19825
CRITICAL
NUCLEI
TOTOLINK Realtek SDK Routers - CAPTCHA Bypass via getSanvas POST Request
Jan 27, 2020
CVSS 9.8
EPSS 0.30
CVE-2018-13313
MEDIUM
TOTOLINK A3002RU 1.0.8 - Info Disclosure
Feb 24, 2020
CVSS 6.5
EPSS 0.01
CVE-2018-13316
CRITICAL
TOTOLINK A3002RU 1.0.8 - OS Command Injection via Subnet POST Parameter
Nov 27, 2018
CVSS 9.8
EPSS 0.03
Products
x5000r_firmware 70
a3300r_firmware 64
a3002r_firmware 61
x6000r_firmware 57
A8000RU 50
a3002ru_firmware 49
a3100r_firmware 47
x2000r_firmware 45
a3700r_firmware 43
A7100RU 40
t6_firmware 39
n600r_firmware 38
a7100ru_firmware 37
ex1200t_firmware 37
lr350_firmware 36
a7000r_firmware 35
a950rg_firmware 33
a702r_firmware 32
a810r_firmware 29
a720r_firmware 28
ex1800t_firmware 28
nr1800x_firmware 27
t8_firmware 26
a3000ru_firmware 25
a3600r_firmware 25
a830r_firmware 25
x15_firmware 25
ca300-poe_firmware 24
a800r_firmware 23
t10_firmware 22
Quick Filters