VYPR

A810R

by Totolink

CVEs (19)

  • CVE-2025-28137CriApr 15, 2025
    risk 0.65cvss 9.8epss 0.10

    The TOTOLINK A810R V4.1.2cu.5182_B20201026 were found to contain a pre-auth remote command execution vulnerability in the setNoticeCfg function through the NoticeUrl parameter.

  • CVE-2025-28037CriApr 22, 2025
    risk 0.64cvss 9.8epss 0.01

    TOTOLINK A810R V4.1.2cu.5182_B20201026 and A950RG V4.1.2cu.5161_B20200903 were found to contain a pre-auth remote command execution vulnerability in the setDiagnosisCfg function through the ipDomain parameter.

  • CVE-2025-28024CriApr 22, 2025
    risk 0.64cvss 9.8epss 0.00

    TOTOLINK A810R V4.1.2cu.5182_B20201026 was found to contain a buffer overflow vulnerability in the cstecgi.cgi

  • CVE-2025-28034CriApr 22, 2025
    risk 0.64cvss 9.8epss 0.01

    TOTOLINK A800R V4.1.2cu.5137_B20200730, A810R V4.1.2cu.5182_B20201026, A830R V4.1.2cu.5182_B20201102, A950RG V4.1.2cu.5161_B20200903, A3000RU V5.9c.5185_B20201128, and A3100R V4.1.2cu.5247_B20211129 were found to contain a pre-auth remote command execution vulnerability in the…

  • CVE-2022-25079CriFeb 24, 2022
    risk 0.64cvss 9.8epss 0.03

    TOTOLink A810R V4.1.2cu.5182_B20201026 was discovered to contain a command injection vulnerability in the "Main" function. This vulnerability allows attackers to execute arbitrary commands via the QUERY_STRING parameter.

  • CVE-2025-4496HigMay 10, 2025
    risk 0.57cvss 8.8epss 0.01

    A vulnerability was found in TOTOLINK T10, A3100R, A950RG, A800R, N600R, A3000RU and A810R 4.1.8cu.5241_B20210927. It has been declared as critical. This vulnerability affects the function CloudACMunualUpdate of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument…

  • CVE-2025-28030HigApr 22, 2025
    risk 0.57cvss 8.8epss 0.00

    TOTOLINK A810R V4.1.2cu.5182_B20201026 was discovered to contain a stack overflow via the startTime and endTime parameters in setParentalRules function.

  • CVE-2024-53334HigNov 21, 2024
    risk 0.57cvss 8.8epss 0.01

    TOTOLINK A810R V4.1.2cu.5182_B20201026 is vulnerable to Buffer Overflow in infostat.cgi.

  • CVE-2024-57036HigJan 21, 2025
    risk 0.53cvss 8.1epss 0.01

    TOTOLINK A810R V4.1.2cu.5032_B20200407 was found to contain a command insertion vulnerability in downloadFile.cgi main function. This vulnerability allows an attacker to execute arbitrary commands by sending HTTP request.

  • CVE-2024-53335HigNov 21, 2024
    risk 0.51cvss 7.8epss 0.00

    TOTOLINK A810R V4.1.2cu.5182_B20201026 is vulnerable to Buffer Overflow in downloadFlile.cgi.

  • CVE-2022-38511HigAug 29, 2022
    risk 0.51cvss 7.8epss 0.01

    TOTOLINK A810R V5.9c.4050_B20190424 was discovered to contain a command injection vulnerability via the component downloadFile.cgi.

  • CVE-2022-36616HigAug 29, 2022
    risk 0.51cvss 7.8epss 0.00

    TOTOLINK A810R V4.1.2cu.5182_B20201026 and V5.9c.4050_B20190424 was discovered to contain a hardcoded password for root at /etc/shadow.sample.

  • CVE-2025-28135HigMar 27, 2025
    risk 0.49cvss 7.5epss 0.01

    TOTOLINK A810R V4.1.2cu.5182_B20201026 was found to contain a buffer overflow vulnerability in downloadFile.cgi.

  • CVE-2025-28022HigApr 23, 2025
    risk 0.47cvss 7.3epss 0.00

    TOTOLINK A810R V4.1.2cu.5182_B20201026 was found to contain a buffer overflow vulnerability in downloadFile.cgi through the v25 parameter.

  • CVE-2025-28021HigApr 23, 2025
    risk 0.47cvss 7.3epss 0.00

    TOTOLINK A810R V4.1.2cu.5182_B20201026 was found to contain a buffer overflow vulnerability in the downloadFile.cgi through the v14 and v3 parameters

  • CVE-2025-28033HigApr 22, 2025
    risk 0.47cvss 7.3epss 0.00

    TOTOLINK A800R V4.1.2cu.5137_B20200730, A810R V4.1.2cu.5182_B20201026, A830R V4.1.2cu.5182_B20201102, A950RG V4.1.2cu.5161_B20200903, A3000RU V5.9c.5185_B20201128, and A3100R V4.1.2cu.5247_B20211129 were found to contain a pre-auth buffer overflow vulnerability in the…

  • CVE-2025-28032HigApr 22, 2025
    risk 0.47cvss 7.3epss 0.00

    TOTOLINK A800R V4.1.2cu.5137_B20200730, A810R V4.1.2cu.5182_B20201026, A830R V4.1.2cu.5182_B20201102, A950RG V4.1.2cu.5161_B20200903, A3000RU V5.9c.5185_B20201128, and A3100R V4.1.2cu.5247_B20211129 contain a pre-auth buffer overflow vulnerability in the setNoticeCfg function…

  • CVE-2022-28935HigJul 6, 2022
    risk 0.47cvss 7.2epss 0.03

    Totolink A830R V5.9c.4729_B20191112, Totolink A3100R V4.1.2cu.5050_B20200504, Totolink A950RG V4.1.2cu.5161_B20200903, Totolink A800R V4.1.2cu.5137_B20200730, Totolink A3000RU V5.9c.5185_B20201128, Totolink A810R V4.1.2cu.5182_B20201026 were discovered to contain a command…

  • CVE-2025-28031MedApr 22, 2025
    risk 0.42cvss 6.5epss 0.00

    TOTOLINK A810R V4.1.2cu.5182_B20201026 was discovered to contain a hardcoded password for the telnet service in product.ini.