Totolink

T10 Firmware

21 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.8

CVE-2025-4496

  • EPSS 0.26%
  • Veröffentlicht 10.05.2025 05:00:10
  • Zuletzt bearbeitet 29.07.2025 14:42:19

A vulnerability was found in TOTOLINK T10, A3100R, A950RG, A800R, N600R, A3000RU and A810R 4.1.8cu.5241_B20210927. It has been declared as critical. This vulnerability affects the function CloudACMunualUpdate of the file /cgi-bin/cstecgi.cgi. The man...

8.8

CVE-2024-9001

Exploit
  • EPSS 1.68%
  • Veröffentlicht 19.09.2024 20:15:07
  • Zuletzt bearbeitet 24.09.2024 16:14:30

A vulnerability was found in TOTOLINK T10 4.1.8cu.5207. It has been declared as critical. This vulnerability affects the function setTracerouteCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument command leads to os command injectio...

8.8

CVE-2024-8577

Exploit
  • EPSS 0.55%
  • Veröffentlicht 08.09.2024 19:15:10
  • Zuletzt bearbeitet 09.09.2024 18:51:32

A vulnerability was found in TOTOLINK AC1200 T8 and AC1200 T10 4.1.5cu.861_B20230220/4.1.8cu.5207. It has been declared as critical. Affected by this vulnerability is the function setStaticDhcpRules of the file /cgi-bin/cstecgi.cgi. The manipulation ...

8.8

CVE-2024-8576

Exploit
  • EPSS 0.55%
  • Veröffentlicht 08.09.2024 18:15:02
  • Zuletzt bearbeitet 09.09.2024 18:59:57

A vulnerability was found in TOTOLINK AC1200 T8 and AC1200 T10 4.1.5cu.861_B20230220/4.1.8cu.5207. It has been classified as critical. Affected is the function setIpPortFilterRules of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument de...

8.8

CVE-2024-8573

Exploit
  • EPSS 0.6%
  • Veröffentlicht 08.09.2024 10:15:01
  • Zuletzt bearbeitet 03.03.2025 18:15:30

A vulnerability, which was classified as critical, was found in TOTOLINK AC1200 T8 and AC1200 T10 4.1.5cu.861_B20230220/4.1.8cu.5207. This affects the function setParentalRules of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument desc/w...

9.8

CVE-2024-8162

Exploit
  • EPSS 0.41%
  • Veröffentlicht 26.08.2024 13:15:06
  • Zuletzt bearbeitet 27.08.2024 14:28:46

A vulnerability classified as critical has been found in TOTOLINK T10 AC1200 4.1.8cu.5207. Affected is an unknown function of the file /squashfs-root/web_cste/cgi-bin/product.ini of the component Telnet Service. The manipulation leads to hard-coded c...

9.8

CVE-2022-25130

  • EPSS 4.46%
  • Veröffentlicht 19.02.2022 00:15:17
  • Zuletzt bearbeitet 21.11.2024 06:51:40

A command injection vulnerability in the function updateWifiInfo of TOTOLINK Technology routers T6 V3_Firmware T6_V3_V4.1.5cu.748_B20211015 and T10 V2_Firmware V4.1.8cu.5207_B20210320 allows attackers to execute arbitrary commands via a crafted MQTT ...

9.8

CVE-2022-25137

  • EPSS 4.46%
  • Veröffentlicht 19.02.2022 00:15:17
  • Zuletzt bearbeitet 21.11.2024 06:51:41

A command injection vulnerability in the function recvSlaveUpgstatus of TOTOLINK Technology routers T6 V3_Firmware T6_V3_V4.1.5cu.748_B20211015 and T10 V2_Firmware V4.1.8cu.5207_B20210320 allows attackers to execute arbitrary commands via a crafted M...

9.8

CVE-2022-25136

  • EPSS 4.46%
  • Veröffentlicht 19.02.2022 00:15:17
  • Zuletzt bearbeitet 21.11.2024 06:51:40

A command injection vulnerability in the function meshSlaveUpdate of TOTOLINK Technology routers T6 V3_Firmware T6_V3_V4.1.5cu.748_B20211015 and T10 V2_Firmware V4.1.8cu.5207_B20210320 allows attackers to execute arbitrary commands via a crafted MQTT...

9.8

CVE-2022-25132

  • EPSS 4.46%
  • Veröffentlicht 19.02.2022 00:15:17
  • Zuletzt bearbeitet 21.11.2024 06:51:40

A command injection vulnerability in the function meshSlaveDlfw of TOTOLINK Technology router T6 V3_Firmware T6_V3_V4.1.5cu.748_B20211015 allows attackers to execute arbitrary commands via a crafted MQTT packet.