Totolink — Vulnerabilities & Security Advisories 390

Browse all 390 CVE security advisories affecting Totolink. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top products by Totolink:A7100RU A702R X15 A3600R EX1200T A3300R T6 N150RT N200RE LR1200GB AC1200 T8 A3002R T10 A3700R X6000R N350RT LR350 X2000R EX1800T EX1200L N300RH A3002RU A7000R A720R CA300-PoE NR1800X X18 A3000RU X5000R WA300

CVE ID	Title	CVSS	Severity	Published
CVE-2026-3696	Totolink N300RH CGI cstecgi.cgi setWiFiWpsConfig os command injection — N300RHCWE-78	7.3	High	2026-03-08
CVE-2026-3301	Totolink N300RH Web Management cstecgi.cgi setWebWlanIdx os command injection — N300RHCWE-78	9.8	Critical	2026-02-27
CVE-2026-2167	Totolink WA300 cstecgi.cgi setAPNetwork os command injection — WA300CWE-78	6.3	Medium	2026-02-08
CVE-2026-1723	TOTOLINK X6000R Unauthenticated Command Injection Vulnerability — X6000RCWE-78	9.8^AI	Critical^AI	2026-01-30
CVE-2026-1686	Totolink A3600R app.so setAppEasyWizardConfig buffer overflow — A3600RCWE-120	8.8	High	2026-01-30
CVE-2026-1623	Totolink A7000R cstecgi.cgi setUpgradeFW command injection — A7000RCWE-77	6.3	Medium	2026-01-29
CVE-2026-1601	Totolink A7000R cstecgi.cgi setUploadUserData command injection — A7000RCWE-77	6.3	Medium	2026-01-29
CVE-2026-1548	Totolink A7000R cstecgi.cgi CloudACMunualUpdateUserdata command injection — A7000RCWE-77	6.3	Medium	2026-01-28
CVE-2026-1547	Totolink A7000R cstecgi.cgi setUnloadUserData command injection — A7000RCWE-77	6.3	Medium	2026-01-28
CVE-2026-1328	Totolink NR1800X POST Request cstecgi.cgi setWizardCfg buffer overflow — NR1800XCWE-120	8.8	High	2026-01-22
CVE-2026-1327	Totolink NR1800X POST Request cstecgi.cgi setTracerouteCfg command injection — NR1800XCWE-77	6.3	Medium	2026-01-22
CVE-2026-1326	Totolink NR1800X POST Request cstecgi.cgi setWanCfg command injection — NR1800XCWE-77	6.3	Medium	2026-01-22
CVE-2026-1158	Totolink LR350 POST Request cstecgi.cgi setWizardCfg buffer overflow — LR350CWE-120	8.8	High	2026-01-19
CVE-2026-1157	Totolink LR350 cstecgi.cgi setWiFiEasyCfg buffer overflow — LR350CWE-120	8.8	High	2026-01-19
CVE-2026-1156	Totolink LR350 cstecgi.cgi setWiFiBasicCfg buffer overflow — LR350CWE-120	8.8	High	2026-01-19
CVE-2026-1155	Totolink LR350 cstecgi.cgi setWiFiEasyGuestCfg buffer overflow — LR350CWE-120	8.8	High	2026-01-19
CVE-2026-1150	Totolink LR350 POST Request cstecgi.cgi setTracerouteCfg command injection — LR350CWE-77	6.3	Medium	2026-01-19
CVE-2026-1149	Totolink LR350 POST Request cstecgi.cgi setDiagnosisCfg command injection — LR350CWE-77	6.3	Medium	2026-01-19
CVE-2026-1143	TOTOLINK A3700R cstecgi.cgi setWiFiEasyGuestCfg buffer overflow — A3700RCWE-120	8.8	High	2026-01-19
CVE-2026-0731	TOTOLINK WA1200 HTTP Request cstecgi.cgi null pointer dereference — WA1200CWE-476	5.3	Medium	2026-01-08
CVE-2026-0641	TOTOLINK WA300 cstecgi.cgi sub_401510 command injection — WA300CWE-77	6.3	Medium	2026-01-06
CVE-2025-14964	TOTOLINK T10 cstecgi.cgi sprintf stack-based overflow — T10CWE-121	9.8	Critical	2025-12-19
CVE-2025-14586	TOTOLINK X5000R cstecgi.cgi snprintf os command injection — X5000RCWE-78	6.3	Medium	2025-12-13
CVE-2025-34319	TOTOLINK N300RT <= V2.1.8-B20201030.1539 Boa formWsc RCE — N300RTCWE-78	9.8^AI	Critical^AI	2025-12-03
CVE-2025-12260	TOTOLINK A3300R POST Parameter cstecgi.cgi setSyslogCfg stack-based overflow — A3300RCWE-121	8.8	High	2025-10-27
CVE-2025-12259	TOTOLINK A3300R POST Parameter cstecgi.cgi setScheduleCfg stack-based overflow — A3300RCWE-121	8.8	High	2025-10-27
CVE-2025-12258	TOTOLINK A3300R POST Parameter cstecgi.cg setOpModeCfg stack-based overflow — A3300RCWE-121	8.8	High	2025-10-27
CVE-2025-12241	TOTOLINK A3300R POST Parameter cstecgi.cgi setLanguageCfg stack-based overflow — A3300RCWE-121	8.8	High	2025-10-27
CVE-2025-12240	TOTOLINK A3300R cstecgi.cgi setDmzCfg buffer overflow — A3300RCWE-120	8.8	High	2025-10-27
CVE-2025-12239	TOTOLINK A3300R cstecgi.cgi setDdnsCfg buffer overflow — A3300RCWE-120	8.8	High	2025-10-27

This page lists every published CVE security advisory associated with Totolink. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.

Goal Reached Thanks to every supporter — we hit 100%!

Totolink — Vulnerabilities & Security Advisories 390