Totolink Security Vulnerabilities (CVEs)
Track 475 security vulnerabilities affecting Totolink products and software. Get instant email alerts when new CVEs are discovered, automated security monitoring, and patch guidance.
This CVE describes an OS command injection vulnerability in TOTOLINK X6000R routers. Authenticated attackers can execute arbitrary shell commands by e...
Feb 23, 2026This CVE describes a stack-based buffer overflow vulnerability in TOTOLINK A3002RU routers. Attackers can exploit this by sending specially crafted vp...
Feb 17, 2026This CVE describes a remote command injection vulnerability in Totolink WA300 routers. Attackers can execute arbitrary operating system commands by ma...
Feb 8, 2026This vulnerability allows remote attackers to execute arbitrary commands on Totolink A7000R routers by injecting malicious commands into the 'url' par...
Jan 28, 2026This CVE describes a remote command injection vulnerability in Totolink A7000R routers. Attackers can execute arbitrary commands on affected devices b...
Jan 28, 2026A buffer overflow vulnerability in Totolink NR1800X routers allows remote attackers to execute arbitrary code by sending specially crafted POST reques...
Jan 22, 2026This CVE describes a command injection vulnerability in Totolink NR1800X routers that allows remote attackers to execute arbitrary commands on affecte...
Jan 22, 2026This CVE describes a remote command injection vulnerability in Totolink NR1800X routers. Attackers can execute arbitrary commands on affected devices ...
Jan 22, 2026A remote buffer overflow vulnerability in Totolink LR350 routers allows attackers to execute arbitrary code by sending specially crafted POST requests...
Jan 19, 2026A buffer overflow vulnerability in the Totolink LR350 router's WiFi configuration function allows remote attackers to execute arbitrary code. This aff...
Jan 19, 2026A buffer overflow vulnerability in Totolink LR350 routers allows remote attackers to execute arbitrary code by manipulating the ssid parameter in the ...
Jan 19, 2026This CVE describes a command injection vulnerability in TOTOLINK WA300 routers that allows remote attackers to execute arbitrary commands on affected ...
Jan 6, 2026This vulnerability allows unauthenticated remote attackers to bypass access controls on TOTOLINK routers. Attackers can send malicious payloads to vul...
Dec 15, 2025This vulnerability allows remote attackers to execute arbitrary commands on TOTOLINK N200RE routers by injecting malicious input into the hostName par...
Dec 15, 2025This vulnerability allows remote attackers to execute arbitrary commands on TOTOLINK A3300R routers by injecting malicious input into the host_time pa...
Dec 15, 2025This CVE describes an OS command injection vulnerability in TOTOLINK X5000R routers. Attackers can exploit the 'exportOvpn' function via the web inter...
Dec 13, 2025This critical vulnerability allows unauthenticated attackers to enable Telnet service and gain root access with blank password on Totolink X5000R rout...
Dec 10, 2025This CVE describes a buffer overflow vulnerability in TOTOLINK A950RG router firmware that allows unauthenticated remote attackers to execute arbitrar...
Nov 13, 2025This CVE describes a command injection vulnerability in ToToLink A720R router firmware that allows unauthenticated remote attackers to execute arbitra...
Nov 13, 2025This CVE describes a command injection vulnerability in ToToLink A720R router firmware that allows arbitrary command execution. Attackers with write a...
Nov 13, 2025A stack buffer overflow vulnerability in ToToLink router firmware allows unauthenticated attackers to execute arbitrary code or cause memory corruptio...
Nov 13, 2025A stack buffer overflow vulnerability in ToToLink A720R router firmware allows attackers with filesystem write access to execute arbitrary code by cra...
Nov 13, 2025This vulnerability allows local attackers to trigger stack-based buffer overflows in ToToLink router firmware by manipulating ARP table data. Attacker...
Nov 13, 2025An unauthenticated command injection vulnerability in ToToLink LR1200GB routers allows attackers to execute arbitrary system commands by sending malic...
Nov 13, 2025A stack buffer overflow vulnerability in ToToLink router firmware allows unauthenticated attackers to execute arbitrary code or crash devices by sendi...
Nov 13, 2025This vulnerability is a stack overflow in Totolink A7000R routers that allows attackers to cause a Denial of Service (DoS) by sending a specially craf...
Oct 31, 2025This vulnerability is a stack overflow in Totolink A7000R routers that allows attackers to cause a Denial of Service (DoS) by sending a specially craf...
Oct 31, 2025This CVE describes a stack overflow vulnerability in Totolink A7000R routers via the wifiOff parameter. Attackers can send crafted requests to trigger...
Oct 31, 2025This CVE describes a stack overflow vulnerability in Totolink LR350 routers via the ssid parameter. Attackers can exploit this to cause Denial of Serv...
Oct 31, 2025This CVE describes a stack overflow vulnerability in Totolink LR350 routers via the http_host parameter. Attackers can exploit this to cause Denial of...
Oct 31, 2025This vulnerability is a stack overflow in the Totolink LR350 router's password parameter handling that allows attackers to cause Denial of Service (Do...
Oct 31, 2025This vulnerability allows remote attackers to execute arbitrary code on TOTOLINK A3300R routers by exploiting a stack-based buffer overflow in the set...
Oct 27, 2025A stack-based buffer overflow vulnerability in TOTOLINK A3300R routers allows remote attackers to execute arbitrary code by manipulating the 'enable' ...
Oct 27, 2025A remote buffer overflow vulnerability exists in TOTOLINK A3300R routers through the setDdnsCfg function in cstecgi.cgi. Attackers can exploit this to...
Oct 27, 2025This vulnerability allows remote attackers to execute arbitrary code on TOTOLINK A3300R routers by exploiting a stack-based buffer overflow in the lan...
Oct 27, 2025A NULL pointer dereference vulnerability in TOTOLINK N600R routers allows attackers to crash the device via specially crafted HTTP requests, causing a...
Oct 22, 2025A NULL pointer dereference vulnerability in TOTOLINK N600R routers allows attackers to crash the device via specially crafted HTTP requests, causing a...
Oct 22, 2025This vulnerability is a stack overflow in the wepkey2 parameter of the setWiFiMultipleConfig function in TOTOLINK N600R routers. Attackers can exploit...
Oct 22, 2025A buffer overflow vulnerability in TOTOLINK N600R routers allows remote attackers to execute arbitrary code by sending specially crafted HTTP requests...
Oct 8, 2025This CVE describes a command injection vulnerability in TOTOLINK X18 routers that allows attackers to execute arbitrary commands on the device. The vu...
Oct 1, 2025This vulnerability allows remote attackers to execute arbitrary commands on TOTOLINK X18 routers by injecting malicious code into the mac parameter of...
Oct 1, 2025This CVE describes an OS command injection vulnerability in TOTOLINK X6000R routers that allows attackers to execute arbitrary commands on the device....
Sep 25, 2025This is a critical command injection vulnerability in TOTOLINK X6000R routers that allows unauthenticated attackers to execute arbitrary commands on a...
Sep 15, 2025This CVE describes a command injection vulnerability in TOTOLINK X5000R routers affecting the sub_410C34 function in the cgi-bin/cstecgi.cgi file. Att...
Sep 4, 2025This vulnerability allows remote attackers to execute arbitrary commands on TOTOLINK N600R routers via command injection in the web interface. Attacke...
Sep 4, 2025A buffer overflow vulnerability in TOTOLINK A702R routers allows remote attackers to execute arbitrary code by manipulating the submit-url parameter i...
Sep 1, 2025This CVE describes a buffer overflow vulnerability in TOTOLINK A702R routers that allows remote attackers to execute arbitrary code by manipulating th...
Sep 1, 2025This vulnerability is a remote buffer overflow in TOTOLINK A702R routers affecting the formIpQoS function. Attackers can exploit it remotely by manipu...
Sep 1, 2025This buffer overflow vulnerability in TOTOLINK A3002R routers allows attackers to cause Denial of Service by sending specially crafted input to the fw...
Aug 18, 2025This CVE describes a command injection vulnerability in TOTOLINK A3002R routers via the bupload.html component. Attackers can execute arbitrary comman...
Aug 18, 2025Why Monitor Totolink Security Vulnerabilities?
Real-time CVE tracking: Our automated system monitors 475+ known vulnerabilities affecting Totolink products and software packages. Stay ahead of emerging threats with instant email notifications when new security issues are discovered.
Automated security monitoring: Unlike manual CVE checking, FixTheCVE automatically scans your servers and detects vulnerable Totolink packages in under 60 seconds. No agents required - completely agentless scanning that works across Totolink deployments.
Free vulnerability database: Access detailed information about every Totolink CVE including CVSS scores, severity ratings, affected versions, and actionable patch guidance. Filter by critical, high, medium, or low severity to prioritize your security remediation efforts.
🚀 Get Started in 60 Seconds
- Register free account & add your servers
- Run one-time scan or schedule automatic monitoring (every 1-24 hours)
- Receive instant alerts when new Totolink CVEs affect your systems
- Access dashboard with severity breakdown & fix instructions
