Totolink Security Vulnerabilities (CVEs)

Track 475 security vulnerabilities affecting Totolink products and software. Get instant email alerts when new CVEs are discovered, automated security monitoring, and patch guidance.

202 Critical
195 High
78 Medium
CVE-2025-44846 6.3

This CVE describes a command injection vulnerability in TOTOLINK CA600-PoE routers that allows attackers to execute arbitrary commands via the fwUrl p...

May 1, 2025
CVE-2025-44836 6.3

This command injection vulnerability in TOTOLINK CP900 routers allows attackers to execute arbitrary system commands by manipulating the hour or minut...

May 1, 2025
CVE-2025-44838 6.3

This CVE describes a command injection vulnerability in TOTOLINK CP900 routers that allows attackers to execute arbitrary system commands through the ...

May 1, 2025
CVE-2025-44854 6.3

This CVE describes a command injection vulnerability in TOTOLINK CP900 routers that allows attackers to execute arbitrary system commands via the File...

May 1, 2025
CVE-2025-3993 8.8

A critical buffer overflow vulnerability in TOTOLINK N150RT routers allows remote attackers to execute arbitrary code by manipulating the submit-url p...

Apr 28, 2025
CVE-2025-3991 8.8

This critical buffer overflow vulnerability in TOTOLINK N150RT routers allows remote attackers to execute arbitrary code by manipulating the submit-ur...

Apr 28, 2025
CVE-2025-3989 8.8

A critical buffer overflow vulnerability in TOTOLINK N150RT routers allows remote attackers to execute arbitrary code by manipulating the Hostname par...

Apr 27, 2025
CVE-2025-3988 8.8

A critical buffer overflow vulnerability in TOTOLINK N150RT routers allows remote attackers to execute arbitrary code by manipulating the service_type...

Apr 27, 2025
CVE-2025-28020 7.3

This CVE describes a buffer overflow vulnerability in TOTOLINK A800R routers through the downloadFile.cgi endpoint's v25 parameter. Attackers can expl...

Apr 23, 2025
CVE-2025-28022 7.3

This CVE describes a buffer overflow vulnerability in TOTOLINK A810R routers through the downloadFile.cgi endpoint's v25 parameter. Attackers can expl...

Apr 23, 2025
CVE-2025-28028 7.3

A buffer overflow vulnerability in TOTOLINK routers' downloadFile.cgi component allows attackers to execute arbitrary code by sending specially crafte...

Apr 23, 2025
CVE-2025-28018 7.3

This CVE describes a buffer overflow vulnerability in TOTOLINK A800R routers through the downloadFile.cgi endpoint's v14 parameter. Attackers can expl...

Apr 23, 2025
CVE-2025-28032 7.3

This CVE describes a pre-authentication buffer overflow vulnerability in multiple TOTOLINK router models. Attackers can exploit this by sending specia...

Apr 22, 2025
CVE-2025-28034 9.8

This CVE describes a pre-authentication remote command execution vulnerability in multiple TOTOLINK router models. Attackers can execute arbitrary com...

Apr 22, 2025
CVE-2025-3675 5.3

This critical vulnerability in TOTOLINK A3700R routers allows attackers to bypass access controls on the setL2tpServerCfg function via the /cgi-bin/cs...

Apr 16, 2025
CVE-2025-3668 5.3

This vulnerability allows remote attackers to bypass access controls on TOTOLINK A3700R routers via the setScheduleCfg function in the web interface. ...

Apr 16, 2025
CVE-2025-3664 5.3

This critical vulnerability in TOTOLINK A3700R routers allows attackers to bypass access controls on the setWiFiEasyGuestCfg function via the /cgi-bin...

Apr 16, 2025
CVE-2025-22900 9.8

This vulnerability allows remote attackers to execute arbitrary code on Totolink N600R routers by exploiting a stack overflow in the setWanConfig func...

Apr 15, 2025
CVE-2025-28137 9.8

This vulnerability allows unauthenticated remote attackers to execute arbitrary commands on TOTOLINK A810R routers. Attackers can exploit the setNotic...

Apr 15, 2025
CVE-2025-3249 6.3

This critical vulnerability in TOTOLINK A6000R routers allows remote attackers to execute arbitrary commands via command injection in the apcli_cancel...

Apr 4, 2025
CVE-2025-29064 9.8

This vulnerability allows remote attackers to execute arbitrary operating system commands on TOTOLINK X18 routers via the cstecgi.cgi interface. Attac...

Apr 3, 2025
CVE-2025-2955 5.3

This vulnerability allows remote attackers to improperly access the IBMS configuration file handler in TOTOLINK A3000RU routers. Attackers can exploit...

Mar 30, 2025
CVE-2025-25579 9.8

This vulnerability allows remote attackers to execute arbitrary commands on TOTOLINK A3002R routers via command injection in the bandstr parameter of ...

Mar 28, 2025
CVE-2025-28256 9.8

This vulnerability allows remote attackers to execute arbitrary code on TOTOLINK A3100R routers by exploiting improper input sanitization in the setWe...

Mar 28, 2025
CVE-2025-28138 9.8

This vulnerability allows unauthenticated attackers to execute arbitrary commands on TOTOLINK A800R routers by exploiting improper input validation in...

Mar 27, 2025
CVE-2025-2688 4.3

This vulnerability in TOTOLINK A3000RU routers allows improper access to the Syslog configuration file handler via /cgi-bin/ExportSyslog.sh. Attackers...

Mar 24, 2025
CVE-2025-2370 8.8

A critical stack-based buffer overflow vulnerability in TOTOLINK EX1800T WiFi extenders allows remote attackers to execute arbitrary code by sending s...

Mar 17, 2025
CVE-2025-2369 8.8

A critical stack-based buffer overflow vulnerability in TOTOLINK EX1800T routers allows remote attackers to execute arbitrary code by manipulating the...

Mar 17, 2025
CVE-2025-2096 6.3

This critical vulnerability in TOTOLINK EX1800T routers allows remote attackers to execute arbitrary operating system commands through command injecti...

Mar 7, 2025
CVE-2025-2094 6.3

This critical vulnerability in TOTOLINK EX1800T routers allows remote attackers to execute arbitrary operating system commands via command injection i...

Mar 7, 2025
CVE-2025-25610 8.0

This CVE describes a buffer overflow vulnerability in TOTOLINK A3002R routers that allows attackers to execute arbitrary code by sending specially cra...

Feb 28, 2025
CVE-2025-25635 8.0

This CVE describes a buffer overflow vulnerability in TOTOLINK A3002R routers, caused by improper input validation of the pppoe_dns1 parameter in the ...

Feb 28, 2025
CVE-2025-25609 8.0

This buffer overflow vulnerability in TOTOLINK A3002R routers allows attackers to execute arbitrary code by sending specially crafted requests to the ...

Feb 28, 2025
CVE-2025-25605 6.5

This vulnerability allows remote attackers to execute arbitrary commands on Totolink X5000R routers through command injection in the apcli_wps_gen_pin...

Feb 21, 2025
CVE-2025-1340 8.8

A critical stack-based buffer overflow vulnerability in TOTOLINK X18 routers allows remote attackers to execute arbitrary code by sending specially cr...

Feb 16, 2025
CVE-2025-1339 6.3

This critical vulnerability in TOTOLINK X18 routers allows remote attackers to execute arbitrary operating system commands by manipulating the 'enable...

Feb 16, 2025
CVE-2024-57036 8.1

This vulnerability allows remote attackers to execute arbitrary commands on TOTOLINK A810R routers by sending specially crafted HTTP requests to the d...

Jan 21, 2025
CVE-2024-57022 8.8

This vulnerability allows remote attackers to execute arbitrary operating system commands on TOTOLINK X5000R routers by injecting malicious commands t...

Jan 15, 2025
CVE-2024-57023 6.8

This CVE describes an OS command injection vulnerability in TOTOLINK X5000R routers where an attacker can execute arbitrary commands via the 'week' pa...

Jan 15, 2025
CVE-2024-57025 6.8

This CVE describes an OS command injection vulnerability in TOTOLINK X5000R routers via the 'desc' parameter in the setWiFiScheduleCfg function. Attac...

Jan 15, 2025
CVE-2024-57011 8.8

This vulnerability allows remote attackers to execute arbitrary operating system commands on TOTOLINK X5000R routers by injecting malicious commands i...

Jan 15, 2025
CVE-2024-57012 8.8

This vulnerability allows remote attackers to execute arbitrary operating system commands on TOTOLINK X5000R routers by injecting malicious payloads i...

Jan 15, 2025
CVE-2024-57013 8.8

This CVE describes an OS command injection vulnerability in TOTOLINK X5000R routers where attackers can execute arbitrary commands via the 'switch' pa...

Jan 15, 2025
CVE-2024-57014 8.8

This vulnerability allows remote attackers to execute arbitrary operating system commands on TOTOLINK X5000R routers by injecting malicious commands t...

Jan 15, 2025
CVE-2024-57015 8.8

This CVE describes an OS command injection vulnerability in TOTOLINK X5000R routers where attackers can execute arbitrary commands via the 'hour' para...

Jan 15, 2025
CVE-2024-57016 8.8

This CVE describes an OS command injection vulnerability in TOTOLINK X5000R routers where an attacker can execute arbitrary commands via the 'user' pa...

Jan 15, 2025
CVE-2024-57017 8.8

This vulnerability allows remote attackers to execute arbitrary operating system commands on TOTOLINK X5000R routers by injecting malicious commands t...

Jan 15, 2025
CVE-2024-57018 8.8

This vulnerability allows remote attackers to execute arbitrary operating system commands on TOTOLINK X5000R routers by injecting malicious commands t...

Jan 15, 2025
CVE-2024-57019 8.8

This vulnerability allows remote attackers to execute arbitrary operating system commands on TOTOLINK X5000R routers by injecting malicious commands t...

Jan 15, 2025
CVE-2024-57020 8.8

This vulnerability allows remote attackers to execute arbitrary operating system commands on TOTOLINK X5000R routers by injecting malicious commands t...

Jan 15, 2025

Why Monitor Totolink Security Vulnerabilities?

Real-time CVE tracking: Our automated system monitors 475+ known vulnerabilities affecting Totolink products and software packages. Stay ahead of emerging threats with instant email notifications when new security issues are discovered.

Automated security monitoring: Unlike manual CVE checking, FixTheCVE automatically scans your servers and detects vulnerable Totolink packages in under 60 seconds. No agents required - completely agentless scanning that works across Totolink deployments.

Free vulnerability database: Access detailed information about every Totolink CVE including CVSS scores, severity ratings, affected versions, and actionable patch guidance. Filter by critical, high, medium, or low severity to prioritize your security remediation efforts.

🚀 Get Started in 60 Seconds

  • Register free account & add your servers
  • Run one-time scan or schedule automatic monitoring (every 1-24 hours)
  • Receive instant alerts when new Totolink CVEs affect your systems
  • Access dashboard with severity breakdown & fix instructions