📦 A720r Firmware

CVE-2023-23064 is an incorrect access control vulnerability in TOTOLINK A720R routers that allows unauthenticated attackers to bypass authentication and gain administrative access. This affects users ...

This vulnerability is a stack overflow in the setWiFiWpsStart function of TOTOLINK A720R routers. Attackers can send specially crafted pin parameter values to cause a Denial of Service (DoS), potentia...

This CVE describes a command injection vulnerability in TOTOLINK A720R routers that allows attackers to execute arbitrary commands via the QUERY_STRING parameter. Attackers can gain full control of af...

This CVE describes a command injection vulnerability in Totolink router firmware that allows attackers to execute arbitrary commands via the IpFrom parameter in the setNoticeCfg function. Attackers ca...

This vulnerability allows attackers to bypass authentication on TOTOLINK A720R routers by exploiting a flaw in the Form_Login function. Attackers can gain unauthorized access to the router's administr...

This vulnerability allows attackers to enable Telnet service on TOTOLINK A720R routers via a crafted POST request, then gain access using default credentials. Attackers can achieve remote code executi...

This CVE describes a critical command injection vulnerability in TOTOLINK routers that allows remote attackers to execute arbitrary operating system commands by sending specially crafted HTTP requests...

This CVE describes a critical command injection vulnerability in TOTOLINK X5000R and A720R routers that allows remote attackers to execute arbitrary operating system commands by sending specially craf...

This vulnerability is a stack overflow in the Form_Login function of TOTOLINK A720R routers, allowing attackers to cause Denial of Service (DoS) by sending specially crafted Host parameters. It affect...

This vulnerability is a stack overflow in the setNoticeCfg function of Totolink routers, allowing attackers to cause Denial of Service (DoS) by sending specially crafted requests with the IpTo paramet...

This vulnerability allows attackers to download the router's configuration file by sending a specially crafted HTTP request to the TOTOLINK A720R router. This affects users running firmware version v4...

This CVE describes a command injection vulnerability in ToToLink A720R router firmware that allows unauthenticated remote attackers to execute arbitrary commands on affected devices. The vulnerability...

This CVE describes a command injection vulnerability in ToToLink A720R router firmware that allows arbitrary command execution. Attackers with write access to the /var/system/linux_vlan_reinit file ca...

A stack buffer overflow vulnerability in ToToLink A720R router firmware allows attackers with filesystem write access to execute arbitrary code by crafting malicious /proc/stat content. This affects u...

This vulnerability allows local attackers to trigger stack-based buffer overflows in ToToLink router firmware by manipulating ARP table data. Attackers can cause denial of service or potentially execu...

This vulnerability in TOTOLINK A720R routers allows remote attackers to access sensitive system configuration information without authentication. By manipulating the topicurl parameter in the Config H...

This vulnerability allows unauthenticated remote attackers to reboot TOTOLINK A720R routers by accessing the /cgi-bin/cstecgi.cgi endpoint with a specific parameter. It affects TOTOLINK A720R routers ...

This critical vulnerability in TOTOLINK A720R routers allows remote attackers to execute arbitrary operating system commands through the exportOvpn function. It affects users of TOTOLINK A720R firmwar...