totolink
1,236 tracked vulnerabilities.
CVE-2026-1328
HIGH
Totolink NR1800X 9.1.0u.6279_B20210910 - Buffer Overflow via setWizardCfg POST Parameter
Jan 22, 2026
CVSS 8.8
EPSS 0.01
CVE-2026-1327
MEDIUM
Totolink NR1800X 9.1.0u.6279_B20210910 - OS Command Injection via setTracerouteCfg POST Parameter
Jan 22, 2026
CVSS 6.3
EPSS 0.03
CVE-2026-1326
MEDIUM
Totolink NR1800X 9.1.0u.6279_B20210910 - OS Command Injection via Hostname Parameter in setWanCfg
Jan 22, 2026
CVSS 6.3
EPSS 0.03
CVE-2026-1158
HIGH
Totolink LR350 9.3.5u.6369_B20220309 - Buffer Overflow via setWizardCfg SSID Parameter
Jan 19, 2026
CVSS 8.8
EPSS 0.01
CVE-2026-1157
HIGH
Totolink LR350 9.3.5u.6369_B20220309 - Buffer Overflow via setWiFiEasyCfg ssid Parameter
Jan 19, 2026
CVSS 8.8
EPSS 0.01
CVE-2026-1156
HIGH
Totolink LR350 9.3.5u.6369_B20220309 - Buffer Overflow via setWiFiBasicCfg SSID Parameter
Jan 19, 2026
CVSS 8.8
EPSS 0.01
CVE-2026-1155
HIGH
Totolink LR350 9.3.5u.6369_B20220309 - Buffer Overflow via setWiFiEasyGuestCfg ssid Parameter
Jan 19, 2026
CVSS 8.8
EPSS 0.01
CVE-2026-1150
MEDIUM
Totolink LR350 9.3.5u.6369_B20220309 - Command Injection via setTracerouteCfg POST Parameter
Jan 19, 2026
CVSS 6.3
EPSS 0.02
CVE-2026-1149
MEDIUM
Totolink LR350 9.3.5u.6369_B20220309 - OS Command Injection via setDiagnosisCfg ip Parameter
Jan 19, 2026
CVSS 6.3
EPSS 0.03
CVE-2026-1143
HIGH
TOTOLINK A3700R 9.1.2u.5822_B20200513 - Buffer Overflow via setWiFiEasyGuestCfg ssid Parameter
Jan 19, 2026
CVSS 8.8
EPSS 0.01
CVE-2026-0731
MEDIUM
TOTOLINK WA1200 5.9c.2914 - Null Pointer Dereference in HTTP Request Handler
Jan 08, 2026
CVSS 5.3
EPSS 0.01
CVE-2026-0641
MEDIUM
TOTOLINK WA300 5.2cu.7112_B20190227 - OS Command Injection via UPLOAD_FILENAME Argument
Jan 06, 2026
CVSS 6.3
EPSS 0.02
CVE-2025-67445
HIGH
TOTOLINK X5000R V9.1.0cu.2415_B20250515 - DoS
Feb 24, 2026
CVSS 7.5
EPSS 0.00
CVE-2025-70328
HIGH
TOTOLINK X6000R v9.4.0cu.1498_B20250826 - Command Injection
Feb 23, 2026
CVSS 8.8
EPSS 0.02
CVE-2025-70327
CRITICAL
TOTOLINK X5000R v9.1.0cu_2415_B20250515 - Command Injection
Feb 23, 2026
CVSS 9.8
EPSS 0.01
CVE-2025-70329
HIGH
TOTOLink X5000R v9.1.0cu_2415_B20250515 - Command Injection
Feb 23, 2026
CVSS 8.0
EPSS 0.03
CVE-2025-67189
MEDIUM
TOTOLINK A950RG V4.1.2cu.5204_B20210112 - Buffer Overflow via setParentalRules urlKeyword Parameter
Feb 03, 2026
CVSS 6.5
EPSS 0.00
CVE-2025-67188
CRITICAL
TOTOLINK A950RG V4.1.2cu.5204_B20210112 - Buffer Overflow in setRadvdCfg radvdinterfacename Parameter
Feb 03, 2026
CVSS 9.8
EPSS 0.01
CVE-2025-67187
CRITICAL
TOTOLINK A950RG V4.1.2cu.5204_B20210112 - Stack-based Buffer Overflow in setIpQosRules Interface
Feb 03, 2026
CVSS 9.8
EPSS 0.00
CVE-2025-67186
CRITICAL
TOTOLINK A950RG V4.1.2cu.5204_B20210112 - Buffer Overflow in setUrlFilterRules Interface
Feb 03, 2026
CVSS 9.8
EPSS 0.01
CVE-2025-14964
CRITICAL
TOTOLINK T10 4.1.8cu.5083_B20200521 - Stack-based Buffer Overflow via loginAuthUrl Parameter
Dec 19, 2025
CVSS 9.8
EPSS 0.01
CVE-2025-55895
CRITICAL
TOTOLINK A3300R <17.0.0cu.557 - Remote RCE
Dec 15, 2025
CVSS 9.1
EPSS 0.00
CVE-2025-55901
MEDIUM
TOTOLINK A3300R V17.0.0cu.596_B20250515 - Command Injection
Dec 15, 2025
CVSS 6.5
EPSS 0.01
CVE-2025-55893
MEDIUM
TOTOLINK N200RE V9.3.5u.6437_B20230519 - Command Injection
Dec 15, 2025
CVSS 6.5
EPSS 0.01
CVE-2025-14586
MEDIUM
TOTOLINK X5000R 9.1.0cu.2089_B20211224 - Command Injection
Dec 13, 2025
CVSS 6.3
EPSS 0.03
Products
x5000r_firmware 70
a3300r_firmware 64
a3002r_firmware 61
x6000r_firmware 57
A8000RU 50
a3002ru_firmware 49
a3100r_firmware 47
x2000r_firmware 45
a3700r_firmware 43
A7100RU 40
t6_firmware 39
n600r_firmware 38
a7100ru_firmware 37
ex1200t_firmware 37
lr350_firmware 36
a7000r_firmware 35
a950rg_firmware 33
a702r_firmware 32
a810r_firmware 29
a720r_firmware 28
ex1800t_firmware 28
nr1800x_firmware 27
t8_firmware 26
a3000ru_firmware 25
a3600r_firmware 25
a830r_firmware 25
x15_firmware 25
ca300-poe_firmware 24
a800r_firmware 23
t10_firmware 22
Quick Filters