Totolink

A7000r Firmware

31 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2025-63154

Exploit
  • EPSS 0.28%
  • Veröffentlicht 10.11.2025 00:00:00
  • Zuletzt bearbeitet 17.11.2025 18:22:52

TOTOLink A7000R V9.1.0u.6115_B20201022 was discovered to contain a stack overflow in the addEffect parameter of the urldecode function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.

7.5

CVE-2025-63153

Exploit
  • EPSS 0.27%
  • Veröffentlicht 10.11.2025 00:00:00
  • Zuletzt bearbeitet 17.11.2025 18:23:11

TOTOLink A7000R V9.1.0u.6115_B20201022 was discovered to contain a stack overflow in the ssid parameter of the urldecode function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.

7.5

CVE-2025-63460

Exploit
  • EPSS 0.27%
  • Veröffentlicht 31.10.2025 17:15:47
  • Zuletzt bearbeitet 05.11.2025 17:30:08

Totolink A7000R v9.1.0u.6115_B20201022 was discovered to contain a stack overflow via the ssid5g parameter in the sub_4222E0 function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.

7.5

CVE-2025-63459

Exploit
  • EPSS 0.27%
  • Veröffentlicht 31.10.2025 00:00:00
  • Zuletzt bearbeitet 05.11.2025 17:29:18

Totolink A7000R v9.1.0u.6115_B20201022 was discovered to contain a stack overflow via the ssid5g parameter in the sub_421CF0 function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.

7.5

CVE-2025-63462

Exploit
  • EPSS 0.27%
  • Veröffentlicht 31.10.2025 00:00:00
  • Zuletzt bearbeitet 05.11.2025 17:29:54

Totolink A7000R v9.1.0u.6115_B20201022 was discovered to contain a stack overflow via the wifiOff parameter in the sub_421A04 function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.

7.5

CVE-2025-63461

Exploit
  • EPSS 0.27%
  • Veröffentlicht 31.10.2025 00:00:00
  • Zuletzt bearbeitet 05.11.2025 17:30:00

Totolink A7000R v9.1.0u.6115_B20201022 was discovered to contain a stack overflow via the ssid5g parameter in the urldecode function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.

9.8

CVE-2025-51452

  • EPSS 0.1%
  • Veröffentlicht 13.08.2025 00:00:00
  • Zuletzt bearbeitet 14.08.2025 14:15:33

In TOTOLINK A7000R firmware 9.1.0u.6115_B20201022, an attacker can bypass login by sending a specific request through formLoginAuth.htm.

8.8

CVE-2024-7213

Exploit
  • EPSS 0.72%
  • Veröffentlicht 30.07.2024 03:15:01
  • Zuletzt bearbeitet 21.11.2024 09:51:06

A vulnerability, which was classified as critical, was found in TOTOLINK A7000R 9.1.0u.6268_B20220504. Affected is the function setWizardCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument ssid leads to buffer overflow. It is possi...

8.8

CVE-2024-7212

Exploit
  • EPSS 0.77%
  • Veröffentlicht 30.07.2024 02:15:08
  • Zuletzt bearbeitet 21.11.2024 09:51:06

A vulnerability, which was classified as critical, has been found in TOTOLINK A7000R 9.1.0u.6268_B20220504. This issue affects the function loginauth of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument password leads to buffer overflow...

7.5

CVE-2024-28640

  • EPSS 17.05%
  • Veröffentlicht 16.03.2024 06:15:14
  • Zuletzt bearbeitet 27.06.2025 14:26:44

Buffer Overflow vulnerability in TOTOLink X5000R V9.1.0u.6118-B20201102 and A7000R V9.1.0u.6115-B20201022 allows a remote attacker to cause a denial of service (D0S) via the command field.