Totolink Security Vulnerabilities (CVEs)
Track 475 security vulnerabilities affecting Totolink products and software. Get instant email alerts when new CVEs are discovered, automated security monitoring, and patch guidance.
This critical vulnerability in TOTOLINK T8 routers allows remote attackers to execute arbitrary commands by sending specially crafted MQTT packets to ...
Feb 3, 2023This vulnerability allows remote attackers to execute arbitrary commands on TOTOLINK T8 routers via command injection in the slaveIpList parameter of ...
Feb 3, 2023This critical vulnerability in TOTOLINK T8 routers allows remote attackers to execute arbitrary commands by sending specially crafted MQTT packets to ...
Feb 3, 2023This vulnerability allows remote attackers to execute arbitrary commands on TOTOLINK CA300-PoE routers by injecting malicious commands into the FileNa...
Feb 3, 2023This CVE describes a command injection vulnerability in TOTOLINK T8 routers that allows attackers to execute arbitrary commands via crafted MQTT packe...
Feb 3, 2023This vulnerability allows remote attackers to execute arbitrary commands on TOTOLINK CA300-PoE routers by injecting malicious commands into the NetDia...
Feb 3, 2023This vulnerability allows remote attackers to execute arbitrary commands on TOTOLINK CA300-PoE routers by injecting malicious commands into the hour p...
Feb 3, 2023This vulnerability allows remote attackers to execute arbitrary commands on TOTOLINK CA300-PoE routers by injecting malicious commands into the minute...
Feb 3, 2023This vulnerability allows remote attackers to execute arbitrary commands on TOTOLINK CA300-PoE routers via command injection in the NTPSyncWithHost fu...
Feb 3, 2023This vulnerability allows remote attackers to execute arbitrary commands on TOTOLINK CA300-PoE routers by injecting malicious input into the NetDiagPi...
Feb 3, 2023This vulnerability allows unauthenticated attackers to access the telnet service on TOTOLINK N200RE_v5 routers via a crafted POST request, then gain r...
Feb 2, 2023This vulnerability allows remote attackers to execute arbitrary commands on TOTOLINK EX300_V2 routers by sending specially crafted MQTT packets contai...
Jul 7, 2022This CVE describes a command injection vulnerability in multiple Totolink router models that allows attackers to execute arbitrary commands on affecte...
Jul 6, 2022CVE-2021-42893 is an information disclosure vulnerability in TOTOLINK EX1200T routers where attackers can access sensitive configuration data includin...
Jun 3, 2022This vulnerability in TOTOLINK EX1200T routers allows unauthenticated attackers to retrieve sensitive WiFi configuration information including network...
Jun 3, 2022CVE-2021-42890 is a critical remote command injection vulnerability in TOTOLINK EX1200T routers that allows unauthenticated attackers to execute arbit...
Jun 3, 2022CVE-2021-42886 allows unauthenticated attackers to download the apmib configuration file from TOTOLINK EX1200T routers, exposing usernames and passwor...
Jun 3, 2022This vulnerability allows unauthenticated attackers to bypass the login mechanism on TOTOLINK EX1200T routers by sending a specially crafted request t...
Jun 3, 2022CVE-2021-42884 is a remote command injection vulnerability in TOTOLINK EX1200T routers that allows unauthenticated attackers to execute arbitrary comm...
Jun 3, 2022This CVE describes a command injection vulnerability in TOTOLINK EX1200T routers that allows remote attackers to execute arbitrary commands on affecte...
Jun 2, 2022This vulnerability is a stack buffer overflow in the Totolink A3600R router's infostat.cgi component, triggered via the CONTENT_LENGTH parameter. Atta...
May 24, 2022This CVE describes a stack overflow vulnerability in TOTOLINK A3100R routers that allows attackers to cause a Denial of Service (DoS) by sending a spe...
May 18, 2022This vulnerability is a stack overflow in TOTOLINK A3100R routers that allows attackers to cause Denial of Service (DoS) by sending specially crafted ...
May 18, 2022This vulnerability is a stack overflow in TOTOLINK A3100R routers that allows attackers to cause Denial of Service (DoS) by sending specially crafted ...
May 18, 2022This vulnerability involves a hard-coded password for the telnet service in TOTOLINK A3100R routers, allowing attackers to gain unauthorized administr...
May 18, 2022This vulnerability is a stack overflow in TOTOLINK N600R routers that allows remote code execution via the comment parameter in the setStaticDhcpConfi...
May 10, 2022This vulnerability is a stack overflow in TOTOLINK N600R routers that allows remote code execution via the comment parameter in the setIpQosRules func...
May 10, 2022This vulnerability is a stack overflow in TOTOLINK N600R routers that allows remote attackers to execute arbitrary code via the apcliKey parameter in ...
May 10, 2022This vulnerability allows remote attackers to execute arbitrary code on TOTOLINK N600R routers by exploiting a stack overflow in the comment parameter...
May 10, 2022This vulnerability is a stack overflow in TOTOLINK N600R routers that allows remote code execution via a specially crafted URL parameter. Attackers ca...
May 10, 2022This vulnerability allows remote attackers to execute arbitrary commands on TOTOLink N600R routers by injecting malicious commands into the devicename...
May 10, 2022This vulnerability allows remote attackers to execute arbitrary commands on TOTOLink N600R routers via command injection in the firmware upgrade filen...
May 10, 2022This CVE describes a command injection vulnerability in TOTOLink N600R routers where an attacker can execute arbitrary commands via the langtype param...
May 10, 2022This vulnerability allows remote attackers to execute arbitrary commands on TOTOLink N600R routers via command injection in the ipdoamin parameter. At...
May 10, 2022This CVE describes a command injection vulnerability in TOTOlink A7100RU routers that allows attackers to execute arbitrary commands on the device. At...
May 5, 2022This CVE describes a command injection vulnerability in TOTOlink A7100RU routers that allows attackers to execute arbitrary commands on the device. At...
May 5, 2022This CVE describes a command injection vulnerability in TOTOLINK EX300_v2 routers that allows attackers to execute arbitrary commands on affected devi...
Mar 31, 2022This CVE describes a missing authentication mechanism in totolink EX300_v2 and EX1200T routers, allowing attackers to access administrative functions ...
Mar 30, 2022This CVE describes a command injection vulnerability in TOTOLINK EX300_v2 routers that allows attackers to execute arbitrary commands on the device. T...
Mar 30, 2022CVE-2021-46007 is a critical command injection vulnerability in TOTOLINK A3100R routers that allows attackers to execute arbitrary operating system co...
Mar 30, 2022This vulnerability allows unauthenticated attackers to access sensitive pages and modify admin configurations on Totolink A3100R routers. It affects a...
Mar 30, 2022This CVE describes two buffer overflow vulnerabilities in T10 V2_Firmware's HTTP request parser that allow attackers to execute arbitrary code or cras...
Mar 25, 2022CVE-2022-26186 is a command injection vulnerability in TOTOLINK N600R routers that allows attackers to execute arbitrary commands on the device via th...
Mar 22, 2022This vulnerability allows remote attackers to execute arbitrary commands on TOTOLINK N600R routers via the NTPSyncWithHost setting. Attackers can gain...
Mar 22, 2022This CVE describes a critical command injection vulnerability in Totolink routers that allows attackers to execute arbitrary system commands via the T...
Mar 15, 2022This CVE describes a critical command injection vulnerability in Totolink routers that allows attackers to execute arbitrary commands via the hostName...
Mar 15, 2022This CVE describes a critical command injection vulnerability in multiple Totolink router models. Attackers can execute arbitrary system commands by s...
Mar 15, 2022This CVE describes a command injection vulnerability in multiple Totolink router models that allows attackers to execute arbitrary commands via the we...
Mar 15, 2022This CVE describes a command injection vulnerability in multiple Totolink router models that allows attackers to execute arbitrary commands via the Fi...
Mar 15, 2022This CVE describes a command injection vulnerability in multiple Totolink router models that allows attackers to execute arbitrary commands via the se...
Mar 15, 2022Why Monitor Totolink Security Vulnerabilities?
Real-time CVE tracking: Our automated system monitors 475+ known vulnerabilities affecting Totolink products and software packages. Stay ahead of emerging threats with instant email notifications when new security issues are discovered.
Automated security monitoring: Unlike manual CVE checking, FixTheCVE automatically scans your servers and detects vulnerable Totolink packages in under 60 seconds. No agents required - completely agentless scanning that works across Totolink deployments.
Free vulnerability database: Access detailed information about every Totolink CVE including CVSS scores, severity ratings, affected versions, and actionable patch guidance. Filter by critical, high, medium, or low severity to prioritize your security remediation efforts.
🚀 Get Started in 60 Seconds
- Register free account & add your servers
- Run one-time scan or schedule automatic monitoring (every 1-24 hours)
- Receive instant alerts when new Totolink CVEs affect your systems
- Access dashboard with severity breakdown & fix instructions
