totolink

1,236 tracked vulnerabilities.

CVE-2026-1328 HIGH
Totolink NR1800X 9.1.0u.6279_B20210910 - Buffer Overflow via setWizardCfg POST Parameter
Jan 22, 2026
CVSS 8.8
EPSS 0.01
CVE-2026-1327 MEDIUM
Totolink NR1800X 9.1.0u.6279_B20210910 - OS Command Injection via setTracerouteCfg POST Parameter
Jan 22, 2026
CVSS 6.3
EPSS 0.03
CVE-2026-1326 MEDIUM
Totolink NR1800X 9.1.0u.6279_B20210910 - OS Command Injection via Hostname Parameter in setWanCfg
Jan 22, 2026
CVSS 6.3
EPSS 0.03
CVE-2026-1158 HIGH
Totolink LR350 9.3.5u.6369_B20220309 - Buffer Overflow via setWizardCfg SSID Parameter
Jan 19, 2026
CVSS 8.8
EPSS 0.01
CVE-2026-1157 HIGH
Totolink LR350 9.3.5u.6369_B20220309 - Buffer Overflow via setWiFiEasyCfg ssid Parameter
Jan 19, 2026
CVSS 8.8
EPSS 0.01
CVE-2026-1156 HIGH
Totolink LR350 9.3.5u.6369_B20220309 - Buffer Overflow via setWiFiBasicCfg SSID Parameter
Jan 19, 2026
CVSS 8.8
EPSS 0.01
CVE-2026-1155 HIGH
Totolink LR350 9.3.5u.6369_B20220309 - Buffer Overflow via setWiFiEasyGuestCfg ssid Parameter
Jan 19, 2026
CVSS 8.8
EPSS 0.01
CVE-2026-1150 MEDIUM
Totolink LR350 9.3.5u.6369_B20220309 - Command Injection via setTracerouteCfg POST Parameter
Jan 19, 2026
CVSS 6.3
EPSS 0.02
CVE-2026-1149 MEDIUM
Totolink LR350 9.3.5u.6369_B20220309 - OS Command Injection via setDiagnosisCfg ip Parameter
Jan 19, 2026
CVSS 6.3
EPSS 0.03
CVE-2026-1143 HIGH
TOTOLINK A3700R 9.1.2u.5822_B20200513 - Buffer Overflow via setWiFiEasyGuestCfg ssid Parameter
Jan 19, 2026
CVSS 8.8
EPSS 0.01
CVE-2026-0731 MEDIUM
TOTOLINK WA1200 5.9c.2914 - Null Pointer Dereference in HTTP Request Handler
Jan 08, 2026
CVSS 5.3
EPSS 0.01
CVE-2026-0641 MEDIUM
TOTOLINK WA300 5.2cu.7112_B20190227 - OS Command Injection via UPLOAD_FILENAME Argument
Jan 06, 2026
CVSS 6.3
EPSS 0.02
CVE-2025-67445 HIGH
TOTOLINK X5000R V9.1.0cu.2415_B20250515 - DoS
Feb 24, 2026
CVSS 7.5
EPSS 0.00
CVE-2025-70328 HIGH
TOTOLINK X6000R v9.4.0cu.1498_B20250826 - Command Injection
Feb 23, 2026
CVSS 8.8
EPSS 0.02
CVE-2025-70327 CRITICAL
TOTOLINK X5000R v9.1.0cu_2415_B20250515 - Command Injection
Feb 23, 2026
CVSS 9.8
EPSS 0.01
CVE-2025-70329 HIGH
TOTOLink X5000R v9.1.0cu_2415_B20250515 - Command Injection
Feb 23, 2026
CVSS 8.0
EPSS 0.03
CVE-2025-67189 MEDIUM
TOTOLINK A950RG V4.1.2cu.5204_B20210112 - Buffer Overflow via setParentalRules urlKeyword Parameter
Feb 03, 2026
CVSS 6.5
EPSS 0.00
CVE-2025-67188 CRITICAL
TOTOLINK A950RG V4.1.2cu.5204_B20210112 - Buffer Overflow in setRadvdCfg radvdinterfacename Parameter
Feb 03, 2026
CVSS 9.8
EPSS 0.01
CVE-2025-67187 CRITICAL
TOTOLINK A950RG V4.1.2cu.5204_B20210112 - Stack-based Buffer Overflow in setIpQosRules Interface
Feb 03, 2026
CVSS 9.8
EPSS 0.00
CVE-2025-67186 CRITICAL
TOTOLINK A950RG V4.1.2cu.5204_B20210112 - Buffer Overflow in setUrlFilterRules Interface
Feb 03, 2026
CVSS 9.8
EPSS 0.01
CVE-2025-14964 CRITICAL
TOTOLINK T10 4.1.8cu.5083_B20200521 - Stack-based Buffer Overflow via loginAuthUrl Parameter
Dec 19, 2025
CVSS 9.8
EPSS 0.01
CVE-2025-55895 CRITICAL
TOTOLINK A3300R <17.0.0cu.557 - Remote RCE
Dec 15, 2025
CVSS 9.1
EPSS 0.00
CVE-2025-55901 MEDIUM
TOTOLINK A3300R V17.0.0cu.596_B20250515 - Command Injection
Dec 15, 2025
CVSS 6.5
EPSS 0.01
CVE-2025-55893 MEDIUM
TOTOLINK N200RE V9.3.5u.6437_B20230519 - Command Injection
Dec 15, 2025
CVSS 6.5
EPSS 0.01
CVE-2025-14586 MEDIUM
TOTOLINK X5000R 9.1.0cu.2089_B20211224 - Command Injection
Dec 13, 2025
CVSS 6.3
EPSS 0.03