All 8 CVE vulnerabilities found in N300RH, with AI-generated Chinese analysis, references, and POCs.
Vendor: TOTOLINK
| CVE ID | Title | CVSS | Severity | Paused |
|---|---|---|---|---|
| CVE-2026-6158 | Totolink N300RH upgrade.so setUpgradeUboot os command injection CWE-78 | 7.3 | High | 2026-04-13 |
| CVE-2026-3696 | Totolink N300RH CGI cstecgi.cgi setWiFiWpsConfig os command injection CWE-78 | 7.3 | High | 2026-03-08 |
| CVE-2026-3301 | Totolink N300RH Web Management cstecgi.cgi setWebWlanIdx os command injection CWE-78 | 9.8 | Critical | 2026-02-27 |
| CVE-2025-6401 | TOTOLINK N300RH HTTP POST Message formFilter denial of service CWE-404 | 3.5 | Low | 2025-06-21 |
| CVE-2025-6400 | TOTOLINK N300RH HTTP POST Message formPortFw buffer overflow CWE-120 | 8.8 | High | 2025-06-21 |
| CVE-2025-4851 | TOTOLINK N300RH cstecgi.cgi setUploadUserData command injection CWE-77 | 6.3 | Medium | 2025-05-18 |
| CVE-2025-4850 | TOTOLINK N300RH cstecgi.cgi setUnloadUserData command injection CWE-77 | 6.3 | Medium | 2025-05-18 |
| CVE-2025-4849 | TOTOLINK N300RH cstecgi.cgi CloudACMunualUpdateUserdata command injection CWE-77 | 6.3 | Medium | 2025-05-18 |
All 8 known CVE vulnerabilities affecting N300RH with full Chinese analysis, references, and POCs where available.