Totolink

A950rg

22 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS -
  • Veröffentlicht 09.07.2026 21:30:10
  • Zuletzt bearbeitet 09.07.2026 22:17:02

A security vulnerability has been detected in TOTOLINK A3000RU, A3100R, A950RG, AC1200T10, CP450, CS185R_T10 and EX200 up to 20260906. Affected by this issue is some unknown functionality of the file /etc/boa/boa.conf of the component Web Interface. ...

Exploit
  • EPSS 0.43%
  • Veröffentlicht 03.02.2026 00:00:00
  • Zuletzt bearbeitet 10.02.2026 14:15:24

A buffer overflow vulnerability exists in the setParentalRules interface of TOTOLINK A950RG V4.1.2cu.5204_B20210112. The urlKeyword parameter is not properly validated, and the function concatenates multiple user-controlled fields into a fixed-size s...

Exploit
  • EPSS 0.63%
  • Veröffentlicht 03.02.2026 00:00:00
  • Zuletzt bearbeitet 10.02.2026 14:15:36

A buffer overflow vulnerability exists in TOTOLINK A950RG V4.1.2cu.5204_B20210112. The issue resides in the setRadvdCfg interface of the /lib/cste_modules/ipv6.so module. The function fails to properly validate the length of the user-controlled radvd...

Exploit
  • EPSS 0.44%
  • Veröffentlicht 03.02.2026 00:00:00
  • Zuletzt bearbeitet 10.02.2026 14:14:03

A stack-based buffer overflow vulnerability was identified in TOTOLINK A950RG V4.1.2cu.5204_B20210112. The flaw exists in the setIpQosRules interface of /lib/cste_modules/firewall.so where the comment parameter is not properly validated for length.

Exploit
  • EPSS 0.69%
  • Veröffentlicht 03.02.2026 00:00:00
  • Zuletzt bearbeitet 10.02.2026 14:17:39

TOTOLINK A950RG V4.1.2cu.5204_B20210112 contains a buffer overflow vulnerability in the setUrlFilterRules interface of /lib/cste_modules/firewall.so. The vulnerability occurs because the `url` parameter is not properly validated for length, allowing ...

Exploit
  • EPSS 2.32%
  • Veröffentlicht 13.11.2025 00:00:00
  • Zuletzt bearbeitet 18.11.2025 01:49:21

A command injection vulnerability exists in the TOTOLINK A950RG Router firmware V5.9c.4592_B20191022_ALL within the `system.so` binary. The `setDiagnosisCfg` function retrieves the `ipDoamin` parameter from user input via `websGetVar` and concatenate...

Exploit
  • EPSS 0.77%
  • Veröffentlicht 13.11.2025 00:00:00
  • Zuletzt bearbeitet 18.11.2025 01:51:46

A buffer overflow vulnerability exists in the TOTOLINK A950RG Router firmware V5.9c.4592_B20191022_ALL within the `global.so` binary. The `getSaveConfig` function retrieves the `http_host` parameter from user input via `websGetVar` and copies it into...

  • EPSS 0.34%
  • Veröffentlicht 21.07.2025 00:00:00
  • Zuletzt bearbeitet 05.07.2026 01:21:43

In TOTOLink A7100RU V7.4, A950RG V5.9, and T10 V5.9, the chroot_local_user option is enabled in the vsftpd.conf. This could lead to unauthorized access to system files, privilege escalation, or use of the compromised server as a pivot point for inter...

  • EPSS 0.94%
  • Veröffentlicht 10.05.2025 05:00:10
  • Zuletzt bearbeitet 29.07.2025 14:42:19

A vulnerability was found in TOTOLINK T10, A3100R, A950RG, A800R, N600R, A3000RU and A810R 4.1.8cu.5241_B20210927. It has been declared as critical. This vulnerability affects the function CloudACMunualUpdate of the file /cgi-bin/cstecgi.cgi. The man...

Exploit
  • EPSS 12.88%
  • Veröffentlicht 08.05.2025 20:15:30
  • Zuletzt bearbeitet 16.05.2025 15:36:45

TOTOlink A950RG V4.1.2cu.5204_B20210112 contains a buffer overflow vulnerability. The vulnerability arises from the improper input validation of the NoticeUrl parameter in the setNoticeCfg interface of /lib/cste_modules/system.so.