A810R

CVEs (9)

CVE	Vendor / Product	Risk	CVSS	EPSS	Published	Description
CVE-2025-28037	Totolink A950RG	0.01	—	0.07	Apr 22, 2025	TOTOLINK A810R V4.1.2cu.5182_B20201026 and A950RG V4.1.2cu.5161_B20200903 were found to contain a pre-auth remote command execution vulnerability in the setDiagnosisCfg function through the ipDomain parameter.
CVE-2025-28034	Totolink A8000RU	0.01	—	0.06	Apr 22, 2025	TOTOLINK A800R V4.1.2cu.5137_B20200730, A810R V4.1.2cu.5182_B20201026, A830R V4.1.2cu.5182_B20201102, A950RG V4.1.2cu.5161_B20200903, A3000RU V5.9c.5185_B20201128, and A3100R V4.1.2cu.5247_B20211129 were found to contain a pre-auth remote command execution vulnerability in the NTPSyncWithHost function through the hostTime parameter.
CVE-2025-28021	Totolink A810R	0.00	—	0.00	Apr 23, 2025	TOTOLINK A810R V4.1.2cu.5182_B20201026 was found to contain a buffer overflow vulnerability in the downloadFile.cgi through the v14 and v3 parameters
CVE-2025-28022	Totolink A810R	0.00	—	0.00	Apr 23, 2025	TOTOLINK A810R V4.1.2cu.5182_B20201026 was found to contain a buffer overflow vulnerability in downloadFile.cgi through the v25 parameter.
CVE-2025-28033	Totolink A8000RU	0.00	—	0.00	Apr 22, 2025	TOTOLINK A800R V4.1.2cu.5137_B20200730, A810R V4.1.2cu.5182_B20201026, A830R V4.1.2cu.5182_B20201102, A950RG V4.1.2cu.5161_B20200903, A3000RU V5.9c.5185_B20201128, and A3100R V4.1.2cu.5247_B20211129 were found to contain a pre-auth buffer overflow vulnerability in the setNoticeCfg function through the IpTo parameter.
CVE-2025-28031	Totolink A810R	0.00	—	0.00	Apr 22, 2025	TOTOLINK A810R V4.1.2cu.5182_B20201026 was discovered to contain a hardcoded password for the telnet service in product.ini.
CVE-2025-28024	Totolink A810R	0.00	—	0.00	Apr 22, 2025	TOTOLINK A810R V4.1.2cu.5182_B20201026 was found to contain a buffer overflow vulnerability in the cstecgi.cgi
CVE-2025-28030	Totolink A810R	0.00	—	0.00	Apr 22, 2025	TOTOLINK A810R V4.1.2cu.5182_B20201026 was discovered to contain a stack overflow via the startTime and endTime parameters in setParentalRules function.
CVE-2025-28032	Totolink A8000RU	0.00	—	0.00	Apr 22, 2025	TOTOLINK A800R V4.1.2cu.5137_B20200730, A810R V4.1.2cu.5182_B20201026, A830R V4.1.2cu.5182_B20201102, A950RG V4.1.2cu.5161_B20200903, A3000RU V5.9c.5185_B20201128, and A3100R V4.1.2cu.5247_B20211129 contain a pre-auth buffer overflow vulnerability in the setNoticeCfg function through the IpForm parameter.

CVE-2025-28037Apr 22, 2025
Totolink
A950RG
risk 0.01cvss —epss 0.07
TOTOLINK A810R V4.1.2cu.5182_B20201026 and A950RG V4.1.2cu.5161_B20200903 were found to contain a pre-auth remote command execution vulnerability in the setDiagnosisCfg function through the ipDomain parameter.
CVE-2025-28034Apr 22, 2025
Totolink
A8000RU
risk 0.01cvss —epss 0.06
TOTOLINK A800R V4.1.2cu.5137_B20200730, A810R V4.1.2cu.5182_B20201026, A830R V4.1.2cu.5182_B20201102, A950RG V4.1.2cu.5161_B20200903, A3000RU V5.9c.5185_B20201128, and A3100R V4.1.2cu.5247_B20211129 were found to contain a pre-auth remote command execution vulnerability in the NTPSyncWithHost function through the hostTime parameter.
CVE-2025-28021Apr 23, 2025
Totolink
A810R
risk 0.00cvss —epss 0.00
TOTOLINK A810R V4.1.2cu.5182_B20201026 was found to contain a buffer overflow vulnerability in the downloadFile.cgi through the v14 and v3 parameters
CVE-2025-28022Apr 23, 2025
Totolink
A810R
risk 0.00cvss —epss 0.00
TOTOLINK A810R V4.1.2cu.5182_B20201026 was found to contain a buffer overflow vulnerability in downloadFile.cgi through the v25 parameter.
CVE-2025-28033Apr 22, 2025
Totolink
A8000RU
risk 0.00cvss —epss 0.00
TOTOLINK A800R V4.1.2cu.5137_B20200730, A810R V4.1.2cu.5182_B20201026, A830R V4.1.2cu.5182_B20201102, A950RG V4.1.2cu.5161_B20200903, A3000RU V5.9c.5185_B20201128, and A3100R V4.1.2cu.5247_B20211129 were found to contain a pre-auth buffer overflow vulnerability in the setNoticeCfg function through the IpTo parameter.
CVE-2025-28031Apr 22, 2025
Totolink
A810R
risk 0.00cvss —epss 0.00
TOTOLINK A810R V4.1.2cu.5182_B20201026 was discovered to contain a hardcoded password for the telnet service in product.ini.
CVE-2025-28024Apr 22, 2025
Totolink
A810R
risk 0.00cvss —epss 0.00
TOTOLINK A810R V4.1.2cu.5182_B20201026 was found to contain a buffer overflow vulnerability in the cstecgi.cgi
CVE-2025-28030Apr 22, 2025
Totolink
A810R
risk 0.00cvss —epss 0.00
TOTOLINK A810R V4.1.2cu.5182_B20201026 was discovered to contain a stack overflow via the startTime and endTime parameters in setParentalRules function.
CVE-2025-28032Apr 22, 2025
Totolink
A8000RU
risk 0.00cvss —epss 0.00
TOTOLINK A800R V4.1.2cu.5137_B20200730, A810R V4.1.2cu.5182_B20201026, A830R V4.1.2cu.5182_B20201102, A950RG V4.1.2cu.5161_B20200903, A3000RU V5.9c.5185_B20201128, and A3100R V4.1.2cu.5247_B20211129 contain a pre-auth buffer overflow vulnerability in the setNoticeCfg function through the IpForm parameter.