totolink

1,237 tracked vulnerabilities.

CVE-2021-45733 CRITICAL
TOTOLINK X5000R <9.1.0u.6118 - Command Injection
Feb 04, 2022
CVSS 9.8
EPSS 0.04
CVE-2021-44247 CRITICAL
Totolink A3100R v4.1.2cu.5050_B20200504, A830R v5.9c.4729_B20191112, A720R v4.1.5cu.470_B20200911 - OS Command Injection
Feb 04, 2022
CVSS 9.8
EPSS 0.03
CVE-2021-44246 HIGH
Totolink A720R A830R A3100R Firmware - Denial of Service via setNoticeCfg IpTo Parameter
Feb 04, 2022
CVSS 7.5
EPSS 0.01
CVE-2021-43711 CRITICAL
TOTOLINK EX200 V4.0.3c.7646_B20201211 - Command Injection
Jan 04, 2022
CVSS 9.8
EPSS 0.38
CVE-2021-34228 MEDIUM
TOTOLINK A3002R V1.1.1-B20200824 - Stored Cross-Site Scripting in Parent Control Description and Service Name Fields
Aug 20, 2021
CVSS 6.1
EPSS 0.29
CVE-2021-34223 MEDIUM
TOTOLINK A3002R V1.1.1-B20200824 - Stored Cross-Site Scripting via URL Address Field
Aug 20, 2021
CVSS 6.1
EPSS 0.01
CVE-2021-34220 MEDIUM
TOTOLINK A3002R V1.1.1-B20200824 - Stored Cross-Site Scripting in tr069config.htm via User Name or Password Field
Aug 20, 2021
CVSS 6.1
EPSS 0.01
CVE-2021-34218 MEDIUM
TOTOLINK-A702R-V1.0.0-B20161227.1023 - Info Disclosure
Aug 20, 2021
CVSS 5.3
EPSS 0.01
CVE-2021-34215 MEDIUM
TOTOLINK A3002R V1.1.1-B20200824 - Stored Cross-Site Scripting via Service Name Field
Aug 20, 2021
CVSS 6.1
EPSS 0.01
CVE-2021-34207 MEDIUM
TOTOLINK A3002R V1.1.1-B20200824 - Stored Cross-Site Scripting in ddns.htm
Aug 20, 2021
CVSS 6.1
EPSS 0.01
CVE-2021-35327 CRITICAL
TOTOLINK A720R <4.1.5cu.470_B20200911 - RCE
Aug 05, 2021
CVSS 9.8
EPSS 0.01
CVE-2021-35326 HIGH
TOTOLINK A720R <4.1.5cu.470 - Info Disclosure
Aug 05, 2021
CVSS 7.5
EPSS 0.03
CVE-2021-35325 HIGH
TOTOLINK A720R Firmware v4.1.5cu.470_B20200911 - Stack Overflow in checkLoginUser
Aug 05, 2021
CVSS 7.5
EPSS 0.13
CVE-2021-35324 CRITICAL
TOTOLINK A720R <V4.1.5cu.470 - Auth Bypass
Aug 05, 2021
CVSS 9.8
EPSS 0.10
CVE-2021-27710 CRITICAL
TOTOLINK X5000R <9.1.0u.6118_B20201102 - Command Injection
Apr 14, 2021
CVSS 9.8
EPSS 0.08
CVE-2021-27708 CRITICAL
TOTOLINK X5000R <9.1.0u.6118_B20201102 - Command Injection
Apr 14, 2021
CVSS 9.8
EPSS 0.08
CVE-2020-23617 MEDIUM
Totolink N200RE/N100RE Router 2.0 - XSS
May 02, 2022
CVSS 6.1
EPSS 0.01
CVE-2020-27368 MEDIUM
TOTOLINK-A702R-V1.0.0-B20161227.1023 - Info Disclosure
Jan 14, 2021
CVSS 5.5
EPSS 0.00
CVE-2020-25499 HIGH
TOTOLINK A3002RU-V2 < 2.1.1-b20200911.1756 - Authenticated OS Command Injection via Run Command
Dec 09, 2020
CVSS 8.8
EPSS 0.04
CVE-2019-19824 HIGH NUCLEI
TOTOLINK Realtek SDK Routers - Authenticated OS Command Injection via sysCmd Parameter
Jan 27, 2020
CVSS 8.8
EPSS 0.25
CVE-2019-19823 HIGH NUCLEI
TOTOLINK A3002RU < 2.0.0 - Cleartext Password Storage in Flash Memory
Jan 27, 2020
CVSS 7.5
EPSS 0.06
CVE-2019-19822 HIGH NUCLEI
TOTOLINK A3002RU < 2.0.0 - Unauthenticated Sensitive Data Exposure via Configuration Retrieval
Jan 27, 2020
CVSS 7.5
EPSS 0.09
CVE-2019-19825 CRITICAL NUCLEI
TOTOLINK Realtek SDK Routers - CAPTCHA Bypass via getSanvas POST Request
Jan 27, 2020
CVSS 9.8
EPSS 0.30
CVE-2018-13313 MEDIUM
TOTOLINK A3002RU 1.0.8 - Info Disclosure
Feb 24, 2020
CVSS 6.5
EPSS 0.01
CVE-2018-13316 CRITICAL
TOTOLINK A3002RU 1.0.8 - OS Command Injection via Subnet POST Parameter
Nov 27, 2018
CVSS 9.8
EPSS 0.03