Totolink Security Vulnerabilities (CVEs)
Track 475 security vulnerabilities affecting Totolink products and software. Get instant email alerts when new CVEs are discovered, automated security monitoring, and patch guidance.
A critical buffer overflow vulnerability in TOTOLINK A3600R routers allows remote attackers to execute arbitrary code by sending specially crafted req...
Jul 29, 2024This critical vulnerability in TOTOLINK A3600R routers allows remote attackers to execute arbitrary code via a buffer overflow in the setIpQosRules fu...
Jul 29, 2024A critical buffer overflow vulnerability in TOTOLINK A3600R routers allows remote attackers to execute arbitrary code by sending specially crafted req...
Jul 29, 2024A critical buffer overflow vulnerability in TOTOLINK A3600R routers allows remote attackers to execute arbitrary code by manipulating the http_host pa...
Jul 28, 2024This critical vulnerability in TOTOLINK A3600R routers allows remote attackers to execute arbitrary operating system commands via command injection in...
Jul 28, 2024This CVE describes a critical vulnerability in TOTOLINK A3600R routers where the Telnet service uses a hard-coded password in the product.ini file. At...
Jul 28, 2024A critical buffer overflow vulnerability in TOTOLINK A3100R routers allows remote attackers to execute arbitrary code by manipulating the http_host pa...
Jul 28, 2024This vulnerability in TOTOLINK A3700R routers allows remote attackers to access sensitive configuration information through the ExportSettings.sh CGI ...
Jul 28, 2024This CVE describes a command injection vulnerability in TOTOLINK A6000R routers that allows attackers to execute arbitrary commands on the device via ...
Jul 23, 2024This CVE describes a command injection vulnerability in TOTOLINK A6000R routers that allows attackers to execute arbitrary commands on the device. The...
Jul 22, 2024This vulnerability allows remote attackers to execute arbitrary commands on TOTOLINK A6000R routers by injecting malicious commands through the ifname...
Jul 22, 2024This CVE describes a command injection vulnerability in TOTOLINK A6000R routers that allows attackers to execute arbitrary commands on the device. The...
Jul 22, 2024This CVE describes a command injection vulnerability in TOTOLINK A6000R routers that allows remote attackers to execute arbitrary code via the iface p...
Jun 20, 2024This vulnerability is a stack overflow in the TOTOLINK A3700R router's setWiFiEasyGuestCfg function, allowing remote attackers to execute arbitrary co...
Jun 14, 2024This vulnerability allows remote attackers to execute arbitrary code on TOTOLINK A3700R routers via a stack overflow in the setWizardCfg function. Att...
Jun 14, 2024This buffer overflow vulnerability in TOTOLINK AC1200 router firmware allows attackers to send specially crafted HTTP or MQTT requests to the 'setNoti...
Jun 11, 2024This vulnerability allows attackers to gain root access to TOTOLINK CP300 routers by using a hardcoded password found in a sample configuration file. ...
Jun 3, 2024This vulnerability allows remote attackers to execute arbitrary commands on TOTOLINK CP900L routers by injecting malicious commands into the hostTime ...
May 28, 2024This vulnerability allows remote attackers to execute arbitrary code on TOTOLINK CP900L routers by exploiting a stack overflow in the setMacFilterRule...
May 28, 2024This vulnerability allows remote attackers to cause a stack overflow in TOTOLINK CP900L routers by sending specially crafted requests to the SetPortFo...
May 28, 2024This vulnerability allows remote attackers to execute arbitrary code on TOTOLINK NR1800X routers via a stack overflow in the urldecode function's pass...
May 24, 2024This vulnerability allows remote attackers to execute arbitrary code on TOTOLINK LR350 routers by exploiting a stack overflow in the loginAuth functio...
May 24, 2024This vulnerability involves a hardcoded root password in the TOTOLINK CP900L router's sample shadow file. Attackers can use this password to gain admi...
May 24, 2024This vulnerability involves a hardcoded root password in the TOTOLINK CP900L router's configuration file, allowing attackers to gain administrative ac...
May 24, 2024This vulnerability allows authenticated attackers to execute arbitrary commands on TOTOLINK X5000R routers by manipulating the ipsecL2tpEnable paramet...
May 14, 2024This vulnerability allows remote attackers to execute arbitrary commands on TOTOLINK X5000R routers by injecting malicious commands through the 'port'...
May 14, 2024This vulnerability allows remote attackers to execute arbitrary commands on TOTOLINK X5000R routers by injecting malicious commands into the 'password...
May 14, 2024This vulnerability allows authenticated attackers to execute arbitrary commands on TOTOLINK X5000R routers by exploiting improper input validation in ...
May 14, 2024This vulnerability is a stack overflow in the TOTOLINK LR350 router's loginAuth function, allowing remote attackers to execute arbitrary code by sendi...
May 14, 2024This vulnerability allows remote attackers to execute arbitrary commands on TOTOLINK X5000R routers via the disconnectVPN function. Attackers can gain...
May 14, 2024This CVE describes a stack buffer overflow vulnerability in the setIpQosRules function of TOTOLINK CPE CP450 routers. Attackers can exploit this to ex...
May 14, 2024This buffer overflow vulnerability in Totolink AC1200 routers allows attackers to execute arbitrary code or cause denial of service by sending special...
May 14, 2024This CVE describes a Cross-Site Scripting (XSS) vulnerability in TOTOLINK X2000R routers that allows remote attackers to inject malicious scripts via ...
May 14, 2024This vulnerability involves a hardcoded root password in TOTOLINK EX200 routers, allowing attackers to gain administrative access. Anyone using affect...
May 14, 2024This vulnerability allows unauthenticated attackers to execute arbitrary commands on TOTOLINK EX1800T routers by exploiting the apcliEncrypType parame...
May 8, 2024This vulnerability in TOTOLINK EX200 routers allows attackers to access sensitive system configuration information without authentication through the ...
Apr 8, 2024This vulnerability allows remote attackers to execute arbitrary code on TOTOLINK EX200 routers by sending specially crafted requests to the NTPSyncWit...
Apr 8, 2024This vulnerability allows remote attackers to execute arbitrary code on TOTOLINK EX200 routers by exploiting improper input validation in the FileName...
Apr 8, 2024The TOTOLINK EX200 V4.0.3c.7646_B20201211 wireless range extender lacks any authentication mechanism by default, allowing unauthenticated attackers to...
Apr 8, 2024This vulnerability allows unauthenticated attackers to download the configuration file from TOTOLINK EX200 routers via a specific CGI script. This exp...
Apr 8, 2024A buffer overflow vulnerability in TOTOLink routers allows remote attackers to execute arbitrary code or cause denial of service by sending specially ...
Mar 16, 2024This stored cross-site scripting (XSS) vulnerability in TOTOLINK X2000R routers allows attackers to inject malicious scripts into the MAC Filtering co...
Mar 15, 2024This vulnerability allows attackers to bypass authentication on TOTOLINK A8000RU routers by crafting a specific session cookie, granting unauthorized ...
Mar 12, 2024A critical stack-based buffer overflow vulnerability in Totolink LR1200GB routers allows remote attackers to execute arbitrary code by manipulating th...
Feb 23, 2024The TOTOLINK A8000RU router version 7.1cu.643_B20200521 contains a hardcoded root password in the /etc/shadow file, allowing attackers to gain adminis...
Jan 30, 2024This CVE describes a command injection vulnerability in TOTOLINK A3300R routers that allows attackers to execute arbitrary commands on the device. The...
Jan 30, 2024This CVE describes a command injection vulnerability in TOTOLINK A3300R routers that allows attackers to execute arbitrary commands on the device. The...
Jan 30, 2024This CVE describes a command injection vulnerability in TOTOLINK A3300R routers that allows attackers to execute arbitrary commands on the device. Att...
Jan 30, 2024This CVE describes a command injection vulnerability in TOTOLINK A3300R routers, allowing attackers to execute arbitrary commands via the url paramete...
Jan 30, 2024A critical stack-based buffer overflow vulnerability exists in the Totolink N200RE router's loginAuth function via the http_host parameter. This allow...
Jan 29, 2024Why Monitor Totolink Security Vulnerabilities?
Real-time CVE tracking: Our automated system monitors 475+ known vulnerabilities affecting Totolink products and software packages. Stay ahead of emerging threats with instant email notifications when new security issues are discovered.
Automated security monitoring: Unlike manual CVE checking, FixTheCVE automatically scans your servers and detects vulnerable Totolink packages in under 60 seconds. No agents required - completely agentless scanning that works across Totolink deployments.
Free vulnerability database: Access detailed information about every Totolink CVE including CVSS scores, severity ratings, affected versions, and actionable patch guidance. Filter by critical, high, medium, or low severity to prioritize your security remediation efforts.
🚀 Get Started in 60 Seconds
- Register free account & add your servers
- Run one-time scan or schedule automatic monitoring (every 1-24 hours)
- Receive instant alerts when new Totolink CVEs affect your systems
- Access dashboard with severity breakdown & fix instructions
