totolink

1,220 tracked vulnerabilities.

CVE-2020-27368 MEDIUM
TOTOLINK-A702R-V1.0.0-B20161227.1023 - Info Disclosure
Jan 14, 2021
CVSS 5.5
EPSS 0.00
CVE-2020-25499 HIGH
TOTOLINK A3002RU-V2 < 2.1.1-b20200911.1756 - Authenticated OS Command Injection via Run Command
Dec 09, 2020
CVSS 8.8
EPSS 0.09
CVE-2019-19824 HIGH NUCLEI
TOTOLINK Realtek SDK Routers - Authenticated OS Command Injection via sysCmd Parameter
Jan 27, 2020
CVSS 8.8
EPSS 0.90
CVE-2019-19823 HIGH NUCLEI
TOTOLINK A3002RU < 2.0.0 - Cleartext Password Storage in Flash Memory
Jan 27, 2020
CVSS 7.5
EPSS 0.29
CVE-2019-19822 HIGH NUCLEI
TOTOLINK A3002RU < 2.0.0 - Unauthenticated Sensitive Data Exposure via Configuration Retrieval
Jan 27, 2020
CVSS 7.5
EPSS 0.54
CVE-2019-19825 CRITICAL NUCLEI
TOTOLINK Realtek SDK Routers - CAPTCHA Bypass via getSanvas POST Request
Jan 27, 2020
CVSS 9.8
EPSS 0.19
CVE-2018-13313 MEDIUM
TOTOLINK A3002RU 1.0.8 - Info Disclosure
Feb 24, 2020
CVSS 6.5
EPSS 0.00
CVE-2018-13316 CRITICAL
TOTOLINK A3002RU 1.0.8 - OS Command Injection via Subnet POST Parameter
Nov 27, 2018
CVSS 9.8
EPSS 0.15
CVE-2018-13314 CRITICAL
TOTOLINK A3002RU 1.0.8 - OS Command Injection via ipAddr POST Parameter
Nov 27, 2018
CVSS 9.8
EPSS 0.15
CVE-2018-13307 CRITICAL
TOTOLINK A3002RU 1.0.8 - OS Command Injection via NTP Server IP Parameter
Nov 27, 2018
CVSS 9.8
EPSS 0.15
CVE-2018-13306 CRITICAL
TOTOLINK A3002RU 1.0.8 - OS Command Injection via ftpUser POST Parameter
Nov 27, 2018
CVSS 9.8
EPSS 0.15
CVE-2018-13317 MEDIUM NUCLEI
TOTOLINK A3002RU 1.0.8 - Unauthenticated Password Disclosure via password.htm
Nov 26, 2018
CVSS 6.1
EPSS 0.00
CVE-2018-13315 CRITICAL
TOTOLINK A3002RU 1.0.8 - Unauthenticated Password Change via formPasswordSetup
Nov 26, 2018
CVSS 9.8
EPSS 0.01
CVE-2018-13312 MEDIUM
TOTOLINK A3002RU 1.0.8 - Stored Cross-Site Scripting in Notice URL Field
Nov 26, 2018
CVSS 6.1
EPSS 0.00
CVE-2018-13311 CRITICAL
TOTOLINK A3002RU 1.0.8 - OS Command Injection via SambaUser POST Parameter
Nov 26, 2018
CVSS 9.8
EPSS 0.06
CVE-2018-13310 MEDIUM
TOTOLINK A3002RU 1.0.8 - Stored Cross-Site Scripting in password.htm via Username
Nov 26, 2018
CVSS 6.1
EPSS 0.00
CVE-2018-13309 MEDIUM
TOTOLINK A3002RU 1.0.8 - Stored Cross-Site Scripting in password.htm via User Password
Nov 26, 2018
CVSS 6.1
EPSS 0.00
CVE-2018-13308 MEDIUM
TOTOLINK A3002RU 1.0.8 - Stored Cross-Site Scripting in notice_gen.htm via User Phrases Button Field
Nov 26, 2018
CVSS 6.1
EPSS 0.00
CVE-2015-9551 CRITICAL
TOTOLINK A850R-V1 < 1.0.1-b20150707.1612 & F1-V2 < 2.1.1-b20150708.1646 - RCE via formSysCmd sysCmd
Nov 24, 2020
CVSS 9.8
EPSS 0.07
CVE-2015-9550 HIGH
TOTOLINK A850R-V1 and F1-V2 - Unauthenticated Exposure of Web Management Interface via WAN Packet
Nov 24, 2020
CVSS 7.5
EPSS 0.00
Products
x5000r_firmware 70 a3002r_firmware 61 x6000r_firmware 57 a3300r_firmware 55 A8000RU 50 a3002ru_firmware 49 a3100r_firmware 47 x2000r_firmware 45 a3700r_firmware 43 A7100RU 40 t6_firmware 39 n600r_firmware 38 a7100ru_firmware 37 ex1200t_firmware 37 lr350_firmware 36 a7000r_firmware 35 a950rg_firmware 33 a702r_firmware 32 a810r_firmware 29 a720r_firmware 28 ex1800t_firmware 28 nr1800x_firmware 27 t8_firmware 26 a3000ru_firmware 25 a3600r_firmware 25 a830r_firmware 25 x15_firmware 25 ca300-poe_firmware 24 a800r_firmware 23 t10_firmware 22
Quick Filters
Critical CVEs With Exploits In CISA KEV