A810R
by Totolink
CVEs (19)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-28137 | Cri | 0.65 | 9.8 | 0.10 | Apr 15, 2025 | The TOTOLINK A810R V4.1.2cu.5182_B20201026 were found to contain a pre-auth remote command execution vulnerability in the setNoticeCfg function through the NoticeUrl parameter. | ||
| CVE-2025-28037 | Cri | 0.64 | 9.8 | 0.01 | Apr 22, 2025 | TOTOLINK A810R V4.1.2cu.5182_B20201026 and A950RG V4.1.2cu.5161_B20200903 were found to contain a pre-auth remote command execution vulnerability in the setDiagnosisCfg function through the ipDomain parameter. | ||
| CVE-2025-28024 | Cri | 0.64 | 9.8 | 0.00 | Apr 22, 2025 | TOTOLINK A810R V4.1.2cu.5182_B20201026 was found to contain a buffer overflow vulnerability in the cstecgi.cgi | ||
| CVE-2025-28034 | Cri | 0.64 | 9.8 | 0.01 | Apr 22, 2025 | TOTOLINK A800R V4.1.2cu.5137_B20200730, A810R V4.1.2cu.5182_B20201026, A830R V4.1.2cu.5182_B20201102, A950RG V4.1.2cu.5161_B20200903, A3000RU V5.9c.5185_B20201128, and A3100R V4.1.2cu.5247_B20211129 were found to contain a pre-auth remote command execution vulnerability in the… | ||
| CVE-2022-25079 | Cri | 0.64 | 9.8 | 0.03 | Feb 24, 2022 | TOTOLink A810R V4.1.2cu.5182_B20201026 was discovered to contain a command injection vulnerability in the "Main" function. This vulnerability allows attackers to execute arbitrary commands via the QUERY_STRING parameter. | ||
| CVE-2025-4496 | Hig | 0.57 | 8.8 | 0.01 | May 10, 2025 | A vulnerability was found in TOTOLINK T10, A3100R, A950RG, A800R, N600R, A3000RU and A810R 4.1.8cu.5241_B20210927. It has been declared as critical. This vulnerability affects the function CloudACMunualUpdate of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument… | ||
| CVE-2025-28030 | Hig | 0.57 | 8.8 | 0.00 | Apr 22, 2025 | TOTOLINK A810R V4.1.2cu.5182_B20201026 was discovered to contain a stack overflow via the startTime and endTime parameters in setParentalRules function. | ||
| CVE-2024-53334 | Hig | 0.57 | 8.8 | 0.01 | Nov 21, 2024 | TOTOLINK A810R V4.1.2cu.5182_B20201026 is vulnerable to Buffer Overflow in infostat.cgi. | ||
| CVE-2024-57036 | Hig | 0.53 | 8.1 | 0.01 | Jan 21, 2025 | TOTOLINK A810R V4.1.2cu.5032_B20200407 was found to contain a command insertion vulnerability in downloadFile.cgi main function. This vulnerability allows an attacker to execute arbitrary commands by sending HTTP request. | ||
| CVE-2024-53335 | Hig | 0.51 | 7.8 | 0.00 | Nov 21, 2024 | TOTOLINK A810R V4.1.2cu.5182_B20201026 is vulnerable to Buffer Overflow in downloadFlile.cgi. | ||
| CVE-2022-38511 | Hig | 0.51 | 7.8 | 0.01 | Aug 29, 2022 | TOTOLINK A810R V5.9c.4050_B20190424 was discovered to contain a command injection vulnerability via the component downloadFile.cgi. | ||
| CVE-2022-36616 | Hig | 0.51 | 7.8 | 0.00 | Aug 29, 2022 | TOTOLINK A810R V4.1.2cu.5182_B20201026 and V5.9c.4050_B20190424 was discovered to contain a hardcoded password for root at /etc/shadow.sample. | ||
| CVE-2025-28135 | Hig | 0.49 | 7.5 | 0.01 | Mar 27, 2025 | TOTOLINK A810R V4.1.2cu.5182_B20201026 was found to contain a buffer overflow vulnerability in downloadFile.cgi. | ||
| CVE-2025-28022 | Hig | 0.47 | 7.3 | 0.00 | Apr 23, 2025 | TOTOLINK A810R V4.1.2cu.5182_B20201026 was found to contain a buffer overflow vulnerability in downloadFile.cgi through the v25 parameter. | ||
| CVE-2025-28021 | Hig | 0.47 | 7.3 | 0.00 | Apr 23, 2025 | TOTOLINK A810R V4.1.2cu.5182_B20201026 was found to contain a buffer overflow vulnerability in the downloadFile.cgi through the v14 and v3 parameters | ||
| CVE-2025-28033 | Hig | 0.47 | 7.3 | 0.00 | Apr 22, 2025 | TOTOLINK A800R V4.1.2cu.5137_B20200730, A810R V4.1.2cu.5182_B20201026, A830R V4.1.2cu.5182_B20201102, A950RG V4.1.2cu.5161_B20200903, A3000RU V5.9c.5185_B20201128, and A3100R V4.1.2cu.5247_B20211129 were found to contain a pre-auth buffer overflow vulnerability in the… | ||
| CVE-2025-28032 | Hig | 0.47 | 7.3 | 0.00 | Apr 22, 2025 | TOTOLINK A800R V4.1.2cu.5137_B20200730, A810R V4.1.2cu.5182_B20201026, A830R V4.1.2cu.5182_B20201102, A950RG V4.1.2cu.5161_B20200903, A3000RU V5.9c.5185_B20201128, and A3100R V4.1.2cu.5247_B20211129 contain a pre-auth buffer overflow vulnerability in the setNoticeCfg function… | ||
| CVE-2022-28935 | Hig | 0.47 | 7.2 | 0.03 | Jul 6, 2022 | Totolink A830R V5.9c.4729_B20191112, Totolink A3100R V4.1.2cu.5050_B20200504, Totolink A950RG V4.1.2cu.5161_B20200903, Totolink A800R V4.1.2cu.5137_B20200730, Totolink A3000RU V5.9c.5185_B20201128, Totolink A810R V4.1.2cu.5182_B20201026 were discovered to contain a command… | ||
| CVE-2025-28031 | Med | 0.42 | 6.5 | 0.00 | Apr 22, 2025 | TOTOLINK A810R V4.1.2cu.5182_B20201026 was discovered to contain a hardcoded password for the telnet service in product.ini. |
- risk 0.65cvss 9.8epss 0.10
The TOTOLINK A810R V4.1.2cu.5182_B20201026 were found to contain a pre-auth remote command execution vulnerability in the setNoticeCfg function through the NoticeUrl parameter.
- risk 0.64cvss 9.8epss 0.01
TOTOLINK A810R V4.1.2cu.5182_B20201026 and A950RG V4.1.2cu.5161_B20200903 were found to contain a pre-auth remote command execution vulnerability in the setDiagnosisCfg function through the ipDomain parameter.
- risk 0.64cvss 9.8epss 0.00
TOTOLINK A810R V4.1.2cu.5182_B20201026 was found to contain a buffer overflow vulnerability in the cstecgi.cgi
- risk 0.64cvss 9.8epss 0.01
TOTOLINK A800R V4.1.2cu.5137_B20200730, A810R V4.1.2cu.5182_B20201026, A830R V4.1.2cu.5182_B20201102, A950RG V4.1.2cu.5161_B20200903, A3000RU V5.9c.5185_B20201128, and A3100R V4.1.2cu.5247_B20211129 were found to contain a pre-auth remote command execution vulnerability in the…
- risk 0.64cvss 9.8epss 0.03
TOTOLink A810R V4.1.2cu.5182_B20201026 was discovered to contain a command injection vulnerability in the "Main" function. This vulnerability allows attackers to execute arbitrary commands via the QUERY_STRING parameter.
- risk 0.57cvss 8.8epss 0.01
A vulnerability was found in TOTOLINK T10, A3100R, A950RG, A800R, N600R, A3000RU and A810R 4.1.8cu.5241_B20210927. It has been declared as critical. This vulnerability affects the function CloudACMunualUpdate of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument…
- risk 0.57cvss 8.8epss 0.00
TOTOLINK A810R V4.1.2cu.5182_B20201026 was discovered to contain a stack overflow via the startTime and endTime parameters in setParentalRules function.
- risk 0.57cvss 8.8epss 0.01
TOTOLINK A810R V4.1.2cu.5182_B20201026 is vulnerable to Buffer Overflow in infostat.cgi.
- risk 0.53cvss 8.1epss 0.01
TOTOLINK A810R V4.1.2cu.5032_B20200407 was found to contain a command insertion vulnerability in downloadFile.cgi main function. This vulnerability allows an attacker to execute arbitrary commands by sending HTTP request.
- risk 0.51cvss 7.8epss 0.00
TOTOLINK A810R V4.1.2cu.5182_B20201026 is vulnerable to Buffer Overflow in downloadFlile.cgi.
- risk 0.51cvss 7.8epss 0.01
TOTOLINK A810R V5.9c.4050_B20190424 was discovered to contain a command injection vulnerability via the component downloadFile.cgi.
- risk 0.51cvss 7.8epss 0.00
TOTOLINK A810R V4.1.2cu.5182_B20201026 and V5.9c.4050_B20190424 was discovered to contain a hardcoded password for root at /etc/shadow.sample.
- risk 0.49cvss 7.5epss 0.01
TOTOLINK A810R V4.1.2cu.5182_B20201026 was found to contain a buffer overflow vulnerability in downloadFile.cgi.
- risk 0.47cvss 7.3epss 0.00
TOTOLINK A810R V4.1.2cu.5182_B20201026 was found to contain a buffer overflow vulnerability in downloadFile.cgi through the v25 parameter.
- risk 0.47cvss 7.3epss 0.00
TOTOLINK A810R V4.1.2cu.5182_B20201026 was found to contain a buffer overflow vulnerability in the downloadFile.cgi through the v14 and v3 parameters
- risk 0.47cvss 7.3epss 0.00
TOTOLINK A800R V4.1.2cu.5137_B20200730, A810R V4.1.2cu.5182_B20201026, A830R V4.1.2cu.5182_B20201102, A950RG V4.1.2cu.5161_B20200903, A3000RU V5.9c.5185_B20201128, and A3100R V4.1.2cu.5247_B20211129 were found to contain a pre-auth buffer overflow vulnerability in the…
- risk 0.47cvss 7.3epss 0.00
TOTOLINK A800R V4.1.2cu.5137_B20200730, A810R V4.1.2cu.5182_B20201026, A830R V4.1.2cu.5182_B20201102, A950RG V4.1.2cu.5161_B20200903, A3000RU V5.9c.5185_B20201128, and A3100R V4.1.2cu.5247_B20211129 contain a pre-auth buffer overflow vulnerability in the setNoticeCfg function…
- risk 0.47cvss 7.2epss 0.03
Totolink A830R V5.9c.4729_B20191112, Totolink A3100R V4.1.2cu.5050_B20200504, Totolink A950RG V4.1.2cu.5161_B20200903, Totolink A800R V4.1.2cu.5137_B20200730, Totolink A3000RU V5.9c.5185_B20201128, Totolink A810R V4.1.2cu.5182_B20201026 were discovered to contain a command…
- risk 0.42cvss 6.5epss 0.00
TOTOLINK A810R V4.1.2cu.5182_B20201026 was discovered to contain a hardcoded password for the telnet service in product.ini.