VYPR

A3000RU

by Totolink

CVEs (11)

  • CVE-2022-25075CriFeb 24, 2022
    risk 0.68cvss 9.8epss 0.56

    TOTOLink A3000RU V5.9c.2280_B20180512 was discovered to contain a command injection vulnerability in the "Main" function. This vulnerability allows attackers to execute arbitrary commands via the QUERY_STRING parameter.

  • CVE-2025-4496HigMay 10, 2025
    risk 0.57cvss 8.8epss 0.01

    A vulnerability was found in TOTOLINK T10, A3100R, A950RG, A800R, N600R, A3000RU and A810R 4.1.8cu.5241_B20210927. It has been declared as critical. This vulnerability affects the function CloudACMunualUpdate of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument…

  • CVE-2022-36615HigAug 29, 2022
    risk 0.51cvss 7.8epss 0.00

    TOTOLINK A3000RU V4.1.2cu.5185_B20201128 was discovered to contain a hardcoded password for root at /etc/shadow.sample.

  • CVE-2025-28028HigApr 23, 2025
    risk 0.47cvss 7.3epss 0.00

    TOTOLINK A830R V4.1.2cu.5182_B20201102, A950RG V4.1.2cu.5161_B20200903, A3000RU V5.9c.5185_B20201128, and A3100R V4.1.2cu.5247_B20211129 were found to contain a buffer overflow vulnerability in downloadFile.cgi through the v5 parameter.

  • CVE-2025-28025HigApr 23, 2025
    risk 0.47cvss 7.3epss 0.00

    TOTOLINK A830R V4.1.2cu.5182_B20201102, A950RG V4.1.2cu.5161_B20200903, A3000RU V5.9c.5185_B20201128, and A3100R V4.1.2cu.5247_B20211129 were found to contain a buffer overflow vulnerability in downloadFile.cgi through the v14 parameter.

  • CVE-2025-28029HigApr 22, 2025
    risk 0.47cvss 7.3epss 0.00

    TOTOLINK A830R V4.1.2cu.5182_B20201102, A950RG V4.1.2cu.5161_B20200903, A3000RU V5.9c.5185_B20201128, and A3100R V4.1.2cu.5247_B20211129 were found to contain a buffer overflow vulnerability in cstecgi.cgi

  • CVE-2025-28027HigApr 22, 2025
    risk 0.47cvss 7.3epss 0.00

    TOTOLINK A830R V4.1.2cu.5182_B20201102, A950RG V4.1.2cu.5161_B20200903, A3000RU V5.9c.5185_B20201128, and A3100R V4.1.2cu.5247_B20211129 was found to contain a buffer overflow vulnerability in downloadFile.cgi.

  • CVE-2025-28026HigApr 22, 2025
    risk 0.47cvss 7.3epss 0.00

    TOTOLINK A830R V4.1.2cu.5182_B20201102, A950RG V4.1.2cu.5161_B20200903, A3000RU V5.9c.5185_B20201128, and A3100R V4.1.2cu.5247_B20211129 were found to contain a buffer overflow vulnerability in downloadFile.cgi.

  • CVE-2025-2955MedMar 30, 2025
    risk 0.34cvss 5.3epss 0.01

    A vulnerability has been found in TOTOLINK A3000RU up to 5.9c.5185 and classified as problematic. This vulnerability affects unknown code of the file /cgi-bin/ExportIbmsConfig.sh of the component IBMS Configuration File Handler. The manipulation leads to improper access…

  • CVE-2025-2688MedMar 24, 2025
    risk 0.28cvss 4.3epss 0.00

    A vulnerability classified as problematic was found in TOTOLINK A3000RU up to 5.9c.5185. Affected by this vulnerability is an unknown functionality of the file /cgi-bin/ExportSyslog.sh of the component Syslog Configuration File Handler. The manipulation leads to improper access…

  • CVE-2024-7170LowJul 28, 2024
    risk 0.23cvss 3.5epss 0.01

    A vulnerability was found in TOTOLINK A3000RU 5.9c.5185. It has been rated as problematic. This issue affects some unknown processing of the file /web_cste/cgi-bin/product.ini. The manipulation leads to use of hard-coded password. The exploit has been disclosed to the public and…