VYPR

LR1200GB

by Totolink

CVEs (21)

  • CVE-2023-46977CriOct 31, 2023
    risk 0.64cvss 9.8epss 0.09

    TOTOLINK LR1200GB V9.1.0u.6619_B20230130 was discovered to contain a stack overflow via the password parameter in the function loginAuth.

  • CVE-2024-0578HigJan 16, 2024
    risk 0.57cvss 8.8epss 0.01

    A vulnerability classified as critical has been found in Totolink LR1200GB 9.1.0u.6619_B20230130. Affected is the function UploadCustomModule of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument File leads to stack-based buffer overflow. It is possible to launch…

  • CVE-2024-0577HigJan 16, 2024
    risk 0.57cvss 8.8epss 0.01

    A vulnerability was found in Totolink LR1200GB 9.1.0u.6619_B20230130. It has been rated as critical. This issue affects the function setLanguageCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument lang leads to stack-based buffer overflow. The attack may be…

  • CVE-2024-0576HigJan 16, 2024
    risk 0.57cvss 8.8epss 0.01

    A vulnerability was found in Totolink LR1200GB 9.1.0u.6619_B20230130. It has been declared as critical. This vulnerability affects the function setIpPortFilterRules of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument sPort leads to stack-based buffer overflow. The…

  • CVE-2024-0575HigJan 16, 2024
    risk 0.57cvss 8.8epss 0.01

    A vulnerability was found in Totolink LR1200GB 9.1.0u.6619_B20230130. It has been classified as critical. This affects the function setTracerouteCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument command leads to stack-based buffer overflow. It is possible to…

  • CVE-2024-0574HigJan 16, 2024
    risk 0.57cvss 8.8epss 0.01

    A vulnerability was found in Totolink LR1200GB 9.1.0u.6619_B20230130 and classified as critical. Affected by this issue is the function setParentalRules of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument sTime leads to stack-based buffer overflow. The attack may…

  • CVE-2024-0573HigJan 16, 2024
    risk 0.57cvss 8.8epss 0.01

    A vulnerability has been found in Totolink LR1200GB 9.1.0u.6619_B20230130 and classified as critical. Affected by this vulnerability is the function setDiagnosisCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument ip leads to stack-based buffer overflow. The…

  • CVE-2024-0572HigJan 16, 2024
    risk 0.57cvss 8.8epss 0.01

    A vulnerability, which was classified as critical, was found in Totolink LR1200GB 9.1.0u.6619_B20230130. Affected is the function setOpModeCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument pppoeUser leads to stack-based buffer overflow. It is possible to…

  • CVE-2024-0571HigJan 16, 2024
    risk 0.57cvss 8.8epss 0.01

    A vulnerability, which was classified as critical, has been found in Totolink LR1200GB 9.1.0u.6619_B20230130. This issue affects the function setSmsCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument text leads to stack-based buffer overflow. The attack may be…

  • CVE-2024-0295HigJan 8, 2024
    risk 0.48cvss 7.3epss 0.04

    A vulnerability, which was classified as critical, was found in Totolink LR1200GB 9.1.0u.6619_B20230130. This affects the function setWanCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument hostName leads to os command injection. It is possible to initiate the…

  • CVE-2024-0294HigJan 8, 2024
    risk 0.48cvss 7.3epss 0.04

    A vulnerability, which was classified as critical, has been found in Totolink LR1200GB 9.1.0u.6619_B20230130. Affected by this issue is the function setUssd of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument ussd leads to os command injection. The attack may be…

  • CVE-2024-0293MedJan 8, 2024
    risk 0.41cvss 6.3epss 0.05

    A vulnerability classified as critical was found in Totolink LR1200GB 9.1.0u.6619_B20230130. Affected by this vulnerability is the function setUploadSetting of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument FileName leads to os command injection. The attack can…

  • CVE-2024-0292MedJan 8, 2024
    risk 0.41cvss 6.3epss 0.05

    A vulnerability classified as critical has been found in Totolink LR1200GB 9.1.0u.6619_B20230130. Affected is the function setOpModeCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument hostName leads to os command injection. It is possible to launch the attack…

  • CVE-2024-0291MedJan 8, 2024
    risk 0.41cvss 6.3epss 0.04

    A vulnerability was found in Totolink LR1200GB 9.1.0u.6619_B20230130. It has been rated as critical. This issue affects the function UploadFirmwareFile of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument FileName leads to command injection. The attack may be…

  • CVE-2025-60687Nov 13, 2025
    risk 0.00cvss epss 0.06

    An unauthenticated command injection vulnerability exists in the ToToLink LR1200GB Router firmware V9.1.0u.6619_B20230130 within the cstecgi.cgi binary (sub_41EC68 function). The binary reads the "imei" parameter from a web request and verifies only that it is 15 characters…

  • CVE-2025-60684Nov 13, 2025
    risk 0.00cvss epss 0.01

    A stack buffer overflow vulnerability exists in the ToToLink LR1200GB (V9.1.0u.6619_B20230130) and NR1800X (V9.1.0u.6681_B20230703) Router firmware within the cstecgi.cgi binary (sub_42F32C function). The web interface reads the "lang" parameter and constructs Help URL strings…

  • CVE-2025-60686Nov 13, 2025
    risk 0.00cvss epss 0.00

    A local stack-based buffer overflow vulnerability exists in the infostat.cgi and cstecgi.cgi binaries of ToToLink routers (A720R V4.1.5cu.614_B20230630, LR1200GB V9.1.0u.6619_B20230130, and NR1800X V9.1.0u.6681_B20230703). Both programs parse the contents of /proc/net/arp using…

  • CVE-2025-60688Nov 13, 2025
    risk 0.00cvss epss 0.01

    A stack buffer overflow vulnerability exists in the ToToLink LR1200GB (V9.1.0u.6619_B20230130) and NR1800X (V9.1.0u.6681_B20230703) Router firmware within the cstecgi.cgi binary (setDefResponse function). The binary reads the "IpAddress" parameter from a web request and copies…

  • CVE-2024-7216Jul 30, 2024
    risk 0.00cvss epss 0.00

    A vulnerability was found in TOTOLINK LR1200 9.3.1cu.2832. It has been classified as problematic. This affects an unknown part of the file /etc/shadow.sample. The manipulation leads to use of hard-coded password. The complexity of an attack is rather high. The exploitability is…

  • CVE-2024-7215Jul 30, 2024
    risk 0.00cvss epss 0.03

    A vulnerability was found in TOTOLINK LR1200 9.3.1cu.2832 and classified as critical. Affected by this issue is the function NTPSyncWithHost of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument host_time leads to command injection. The attack may be launched…

Page 1 of 2