VYPR

T10 Firmware

by Totolink

CVEs (3)

  • CVE-2025-9533HigAug 27, 2025
    risk 0.47cvss 7.3epss 0.09

    A vulnerability has been found in TOTOLINK T10 4.1.8cu.5241_B20210927. Affected is an unknown function of the file /formLoginAuth.htm. The manipulation of the argument authCode with the input 1 leads to improper authentication. The attack can be initiated remotely. The exploit…

  • CVE-2025-6139LowJun 16, 2025
    risk 0.25cvss 3.9epss 0.00

    A vulnerability, which was classified as problematic, has been found in TOTOLINK T10 4.1.8cu.5207. Affected by this issue is some unknown functionality of the file /etc/shadow.sample. The manipulation leads to use of hard-coded password. The attack can only be initiated within…

  • CVE-2025-14964Dec 19, 2025
    risk 0.00cvss epss 0.01

    A vulnerability has been found in TOTOLINK T10 4.1.8cu.5083_B20200521. This affects the function sprintf of the file /cgi-bin/cstecgi.cgi. Such manipulation of the argument loginAuthUrl leads to stack-based buffer overflow. The attack may be performed from remote.