totolink

1,236 tracked vulnerabilities.

CVE-2026-5178 MEDIUM
Totolink A3300R cstecgi.cgi setIptvCfg command injection
Mar 31, 2026
CVSS 6.3
EPSS 0.04
CVE-2026-5177 MEDIUM
Totolink A3300R cstecgi.cgi setWiFiBasicCfg command injection
Mar 31, 2026
CVSS 6.3
EPSS 0.02
CVE-2026-5176 HIGH
Totolink A3300R cstecgi.cgi setSyslogCfg command injection
Mar 31, 2026
CVSS 7.3
EPSS 0.02
CVE-2026-5105 MEDIUM
Totolink A3300R Parameter cstecgi.cgi setVpnPassCfg command injection
Mar 30, 2026
CVSS 6.3
EPSS 0.04
CVE-2026-5104 MEDIUM
Totolink A3300R cstecgi.cgi setStaticRoute command injection
Mar 30, 2026
CVSS 6.3
EPSS 0.02
CVE-2026-5103 MEDIUM
Totolink A3300R cstecgi.cgi setUPnPCfg command injection
Mar 30, 2026
CVSS 6.3
EPSS 0.04
CVE-2026-5102 MEDIUM
Totolink A3300R Parameter cstecgi.cgi setSmartQosCfg command injection
Mar 30, 2026
CVSS 6.3
EPSS 0.02
CVE-2026-5101 MEDIUM
Totolink A3300R Parameter cstecgi.cgi setLanCfg command injection
Mar 29, 2026
CVSS 6.3
EPSS 0.02
CVE-2026-5030 MEDIUM
Totolink NR1800X Telnet Service cstecgi.cgi NTPSyncWithHost command injection
Mar 29, 2026
CVSS 6.3
EPSS 0.02
CVE-2026-5020 MEDIUM
Totolink A3600R Parameter cstecgi.cgi setNoticeCfg command injection
Mar 29, 2026
CVSS 6.3
EPSS 0.02
CVE-2026-4976 HIGH
Totolink LR350 cstecgi.cgi setWiFiGuestCfg buffer overflow
Mar 27, 2026
CVSS 8.8
EPSS 0.01
CVE-2026-4611 HIGH
TOTOLINK X6000R 9.4.0cu.1360_B20241207/9.4.0cu.1498_B20250826 - Command Injection
Mar 23, 2026
CVSS 7.2
EPSS 0.03
CVE-2026-4497 HIGH
Totolink WA300 cstecgi.cgi recvUpgradeNewFw os command injection
Mar 20, 2026
CVSS 7.3
EPSS 0.02
CVE-2026-3696 HIGH
Totolink N300RH 6..1c.1353_B20190305 - Command Injection
Mar 08, 2026
CVSS 7.3
EPSS 0.02
CVE-2026-3301 CRITICAL
Totolink N300RH 6.1c.1353_B20190305 - Command Injection
Feb 27, 2026
CVSS 9.8
EPSS 0.04
CVE-2026-26736 HIGH
TOTOLINK A3002RU_V3 V3.0.0-B20220304.1804 - Buffer Overflow
Feb 17, 2026
CVSS 8.8
EPSS 0.00
CVE-2026-26732 HIGH
TOTOLINK A3002RU V2.1.1-B20211108.1455 - Buffer Overflow
Feb 17, 2026
CVSS 8.8
EPSS 0.00
CVE-2026-26731 HIGH
TOTOLINK A3002RU V2.1.1-B20211108.1455 - Buffer Overflow
Feb 17, 2026
CVSS 8.8
EPSS 0.00
CVE-2026-2167 MEDIUM
Totolink WA300 5.2cu.7112_B20190227 - OS Command Injection via Ipaddr Parameter in setAPNetwork Function
Feb 08, 2026
CVSS 6.3
EPSS 0.02
CVE-2026-1723 CRITICAL
TOTOLINK X6000R -<9.4.0cu.1498_B20250826 - Code Injection
Jan 30, 2026
EPSS 0.01
CVE-2026-1686 HIGH
Totolink A3600R 5.9c.4959 - Buffer Overflow via setAppEasyWizardConfig apcliSsid Argument
Jan 30, 2026
CVSS 8.8
EPSS 0.01
CVE-2026-1623 MEDIUM
Totolink A7000R 4.1cu.4154 - Remote Code Execution via setUpgradeFW FileName Parameter
Jan 29, 2026
CVSS 6.3
EPSS 0.02
CVE-2026-1601 MEDIUM
Totolink A7000R 4.1cu.4154 - Remote Command Injection via setUploadUserData FileName Parameter
Jan 29, 2026
CVSS 6.3
EPSS 0.02
CVE-2026-1548 MEDIUM
Totolink A7000R 4.1cu.4154 - Remote Command Injection via CloudACMunualUpdateUserdata URL Parameter
Jan 28, 2026
CVSS 6.3
EPSS 0.03
CVE-2026-1547 MEDIUM
Totolink A7000R 4.1cu.4154 - Remote Command Injection via setUnloadUserData plugin_name Parameter
Jan 28, 2026
CVSS 6.3
EPSS 0.03