VYPR

NR1800X

by Totolink

CVEs (29)

  • CVE-2025-60686Nov 13, 2025
    risk 0.00cvss epss 0.00

    A local stack-based buffer overflow vulnerability exists in the infostat.cgi and cstecgi.cgi binaries of ToToLink routers (A720R V4.1.5cu.614_B20230630, LR1200GB V9.1.0u.6619_B20230130, and NR1800X V9.1.0u.6681_B20230703). Both programs parse the contents of /proc/net/arp using…

  • CVE-2025-60684Nov 13, 2025
    risk 0.00cvss epss 0.01

    A stack buffer overflow vulnerability exists in the ToToLink LR1200GB (V9.1.0u.6619_B20230130) and NR1800X (V9.1.0u.6681_B20230703) Router firmware within the cstecgi.cgi binary (sub_42F32C function). The web interface reads the "lang" parameter and constructs Help URL strings…

  • CVE-2025-60688Nov 13, 2025
    risk 0.00cvss epss 0.01

    A stack buffer overflow vulnerability exists in the ToToLink LR1200GB (V9.1.0u.6619_B20230130) and NR1800X (V9.1.0u.6681_B20230703) Router firmware within the cstecgi.cgi binary (setDefResponse function). The binary reads the "IpAddress" parameter from a web request and copies…

  • CVE-2025-45843May 8, 2025
    risk 0.00cvss epss 0.01

    TOTOLINK NR1800X V9.1.0u.6681_B20230703 was discovered to contain an authenticated stack overflow via the ssid parameter in the setWiFiGuestCfg function.

  • CVE-2025-45842May 8, 2025
    risk 0.00cvss epss 0.01

    TOTOLINK NR1800X V9.1.0u.6681_B20230703 was discovered to contain an authenticated stack overflow via the ssid5g parameter in the setWiFiEasyCfg function.

  • CVE-2025-45841May 8, 2025
    risk 0.00cvss epss 0.00

    TOTOLINK NR1800X V9.1.0u.6681_B20230703 was discovered to contain an authenticated stack overflow via the text parameter in the setSmsCfg function.

  • CVE-2025-45844May 8, 2025
    risk 0.00cvss epss 0.01

    TOTOLINK NR1800X V9.1.0u.6681_B20230703 was discovered to contain an authenticated stack overflow via the ssid parameter in the setWiFiBasicCfg function.

  • CVE-2025-45845May 8, 2025
    risk 0.00cvss epss 0.01

    TOTOLINK NR1800X V9.1.0u.6681_B20230703 was discovered to contain an authenticated stack overflow via the ssid5g parameter in the setWiFiEasyGuestCfg function.

  • CVE-2024-35388May 24, 2024
    risk 0.00cvss epss 0.03

    TOTOLINK NR1800X v9.1.0u.6681_B20230703 was discovered to contain a stack overflow via the password parameter in the function urldecode

Page 2 of 2