| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-14964 | TOTOLINK T10 cstecgi.cgi sprintf stack-based overflow | TOTOLINK | T10 | Critical | 9.8 | 2025-12-19 19:02:07 | Deep Dive |
| CVE-2025-12917 | TOZED ZLT T10 Reboot proc_post denial of service | TOZED | ZLT T10 | Medium | 4.3 | 2025-11-09 07:32:06 | Deep Dive |
| CVE-2025-30198 | ECOVACS Vacuum and Base Station Hard-Coded WPA2-PSK | ECOVACS | DEEBOT X1 Series | Medium | 6.3 | 2025-09-05 17:45:37 | Deep Dive |
| CVE-2025-30199 | ECOVACS Vacuum and Base Station accept unsigned firmware | ECOVACS | DEEBOT X1 Series | High | 7.2 | 2025-09-05 17:45:07 | Deep Dive |
| CVE-2025-30200 | ECOVACS Vacuum and Base Station Hard-Coded AES Encryption | ECOVACS | DEEBOT X1 Series | Medium | 6.3 | 2025-09-05 17:43:21 | Deep Dive |
| CVE-2025-9533 | TOTOLINK T10 formLoginAuth.htm improper authentication | TOTOLINK | T10 | High | 7.3 | 2025-08-27 14:32:11 | Deep Dive |
| CVE-2025-6139 | TOTOLINK T10 shadow.sample hard-coded password | TOTOLINK | T10 | Low | 3.9 | 2025-06-16 21:00:18 | Deep Dive |
| CVE-2025-6138 | TOTOLINK T10 HTTP POST Request cstecgi.cgi setWizardCfg buffer overflow | TOTOLINK | T10 | High | 8.8 | 2025-06-16 20:31:09 | Deep Dive |
| CVE-2025-6137 | TOTOLINK T10 HTTP POST Request cstecgi.cgi setWiFiScheduleCfg buffer overflow | TOTOLINK | T10 | High | 8.8 | 2025-06-16 20:00:16 | Deep Dive |
| CVE-2025-5905 | TOTOLINK T10 POST Request cstecgi.cgi setWiFiRepeaterCfg buffer overflow | TOTOLINK | T10 | High | 8.8 | 2025-06-10 00:00:19 | Deep Dive |
| CVE-2025-5904 | TOTOLINK T10 POST Request cstecgi.cgi setWiFiMeshName buffer overflow | TOTOLINK | T10 | High | 8.8 | 2025-06-10 00:00:16 | Deep Dive |
| CVE-2025-5903 | TOTOLINK T10 POST Request cstecgi.cgi setWiFiAclRules buffer overflow | TOTOLINK | T10 | High | 8.8 | 2025-06-09 23:31:07 | Deep Dive |
| CVE-2025-5902 | TOTOLINK T10 POST Request cstecgi.cgi setUpgradeFW buffer overflow | TOTOLINK | T10 | High | 8.8 | 2025-06-09 23:00:16 | Deep Dive |
| CVE-2025-5901 | TOTOLINK T10 POST Request cstecgi.cgi UploadCustomModule buffer overflow | TOTOLINK | T10 | High | 8.8 | 2025-06-09 22:31:08 | Deep Dive |
| CVE-2025-4496 | TOTOLINK T10/A3100R/A950RG/A800R/N600R/A3000RU/A810R cstecgi.cgi CloudACMunualUpdate buffer overflow | TOTOLINK | T10 | High | 8.8 | 2025-05-10 05:00:11 | Deep Dive |
| CVE-2024-52330 | ECOVACS lawnmowers and vacuums do not properly validate TLS certificates | ECOVACS | DEEBOT X5 PRO PLUS | High | 7.4 | 2025-01-23 16:36:50 | Deep Dive |
| CVE-2024-9001 | TOTOLINK T10 cstecgi.cgi setTracerouteCfg os command injection | TOTOLINK | T10 | Medium | 6.3 | 2024-09-19 20:00:09 | Deep Dive |
| CVE-2024-8577 | TOTOLINK AC1200 T8/AC1200 T10 cstecgi.cgi setStaticDhcpRules buffer overflow | TOTOLINK | AC1200 T8 | High | 8.8 | 2024-09-08 18:31:06 | Deep Dive |
| CVE-2024-8576 | TOTOLINK AC1200 T8/AC1200 T10 cstecgi.cgi setIpPortFilterRules buffer overflow | TOTOLINK | AC1200 T8 | High | 8.8 | 2024-09-08 18:00:07 | Deep Dive |
| CVE-2024-8573 | TOTOLINK AC1200 T8/AC1200 T10 cstecgi.cgi setParentalRules buffer overflow | TOTOLINK | AC1200 T8 | High | 8.8 | 2024-09-08 10:00:06 | Deep Dive |