totolink
1,236 tracked vulnerabilities.
CVE-2026-5178
MEDIUM
Totolink A3300R cstecgi.cgi setIptvCfg command injection
Mar 31, 2026
CVSS 6.3
EPSS 0.04
CVE-2026-5177
MEDIUM
Totolink A3300R cstecgi.cgi setWiFiBasicCfg command injection
Mar 31, 2026
CVSS 6.3
EPSS 0.02
CVE-2026-5176
HIGH
Totolink A3300R cstecgi.cgi setSyslogCfg command injection
Mar 31, 2026
CVSS 7.3
EPSS 0.02
CVE-2026-5105
MEDIUM
Totolink A3300R Parameter cstecgi.cgi setVpnPassCfg command injection
Mar 30, 2026
CVSS 6.3
EPSS 0.04
CVE-2026-5104
MEDIUM
Totolink A3300R cstecgi.cgi setStaticRoute command injection
Mar 30, 2026
CVSS 6.3
EPSS 0.02
CVE-2026-5103
MEDIUM
Totolink A3300R cstecgi.cgi setUPnPCfg command injection
Mar 30, 2026
CVSS 6.3
EPSS 0.04
CVE-2026-5102
MEDIUM
Totolink A3300R Parameter cstecgi.cgi setSmartQosCfg command injection
Mar 30, 2026
CVSS 6.3
EPSS 0.02
CVE-2026-5101
MEDIUM
Totolink A3300R Parameter cstecgi.cgi setLanCfg command injection
Mar 29, 2026
CVSS 6.3
EPSS 0.02
CVE-2026-5030
MEDIUM
Totolink NR1800X Telnet Service cstecgi.cgi NTPSyncWithHost command injection
Mar 29, 2026
CVSS 6.3
EPSS 0.02
CVE-2026-5020
MEDIUM
Totolink A3600R Parameter cstecgi.cgi setNoticeCfg command injection
Mar 29, 2026
CVSS 6.3
EPSS 0.02
CVE-2026-4976
HIGH
Totolink LR350 cstecgi.cgi setWiFiGuestCfg buffer overflow
Mar 27, 2026
CVSS 8.8
EPSS 0.01
CVE-2026-4611
HIGH
TOTOLINK X6000R 9.4.0cu.1360_B20241207/9.4.0cu.1498_B20250826 - Command Injection
Mar 23, 2026
CVSS 7.2
EPSS 0.03
CVE-2026-4497
HIGH
Totolink WA300 cstecgi.cgi recvUpgradeNewFw os command injection
Mar 20, 2026
CVSS 7.3
EPSS 0.02
CVE-2026-3696
HIGH
Totolink N300RH 6..1c.1353_B20190305 - Command Injection
Mar 08, 2026
CVSS 7.3
EPSS 0.02
CVE-2026-3301
CRITICAL
Totolink N300RH 6.1c.1353_B20190305 - Command Injection
Feb 27, 2026
CVSS 9.8
EPSS 0.04
CVE-2026-26736
HIGH
TOTOLINK A3002RU_V3 V3.0.0-B20220304.1804 - Buffer Overflow
Feb 17, 2026
CVSS 8.8
EPSS 0.00
CVE-2026-26732
HIGH
TOTOLINK A3002RU V2.1.1-B20211108.1455 - Buffer Overflow
Feb 17, 2026
CVSS 8.8
EPSS 0.00
CVE-2026-26731
HIGH
TOTOLINK A3002RU V2.1.1-B20211108.1455 - Buffer Overflow
Feb 17, 2026
CVSS 8.8
EPSS 0.00
CVE-2026-2167
MEDIUM
Totolink WA300 5.2cu.7112_B20190227 - OS Command Injection via Ipaddr Parameter in setAPNetwork Function
Feb 08, 2026
CVSS 6.3
EPSS 0.02
CVE-2026-1723
CRITICAL
TOTOLINK X6000R -<9.4.0cu.1498_B20250826 - Code Injection
Jan 30, 2026
EPSS 0.01
CVE-2026-1686
HIGH
Totolink A3600R 5.9c.4959 - Buffer Overflow via setAppEasyWizardConfig apcliSsid Argument
Jan 30, 2026
CVSS 8.8
EPSS 0.01
CVE-2026-1623
MEDIUM
Totolink A7000R 4.1cu.4154 - Remote Code Execution via setUpgradeFW FileName Parameter
Jan 29, 2026
CVSS 6.3
EPSS 0.02
CVE-2026-1601
MEDIUM
Totolink A7000R 4.1cu.4154 - Remote Command Injection via setUploadUserData FileName Parameter
Jan 29, 2026
CVSS 6.3
EPSS 0.02
CVE-2026-1548
MEDIUM
Totolink A7000R 4.1cu.4154 - Remote Command Injection via CloudACMunualUpdateUserdata URL Parameter
Jan 28, 2026
CVSS 6.3
EPSS 0.03
CVE-2026-1547
MEDIUM
Totolink A7000R 4.1cu.4154 - Remote Command Injection via setUnloadUserData plugin_name Parameter
Jan 28, 2026
CVSS 6.3
EPSS 0.03
Products
x5000r_firmware 70
a3300r_firmware 64
a3002r_firmware 61
x6000r_firmware 57
A8000RU 50
a3002ru_firmware 49
a3100r_firmware 47
x2000r_firmware 45
a3700r_firmware 43
A7100RU 40
t6_firmware 39
n600r_firmware 38
a7100ru_firmware 37
ex1200t_firmware 37
lr350_firmware 36
a7000r_firmware 35
a950rg_firmware 33
a702r_firmware 32
a810r_firmware 29
a720r_firmware 28
ex1800t_firmware 28
nr1800x_firmware 27
t8_firmware 26
a3000ru_firmware 25
a3600r_firmware 25
a830r_firmware 25
x15_firmware 25
ca300-poe_firmware 24
a800r_firmware 23
t10_firmware 22
Quick Filters