Totolink

A7000r

11 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.3

CVE-2026-1623

Exploit
  • EPSS 1.04%
  • Veröffentlicht 29.01.2026 20:32:08
  • Zuletzt bearbeitet 04.02.2026 16:34:21

A weakness has been identified in Totolink A7000R 4.1cu.4154. Impacted is the function setUpgradeFW of the file /cgi-bin/cstecgi.cgi. This manipulation of the argument FileName causes command injection. The attack can be initiated remotely. The explo...

6.3

CVE-2026-1601

Exploit
  • EPSS 4.18%
  • Veröffentlicht 29.01.2026 18:32:07
  • Zuletzt bearbeitet 04.02.2026 16:34:21

A weakness has been identified in Totolink A7000R 4.1cu.4154. The impacted element is the function setUploadUserData of the file /cgi-bin/cstecgi.cgi. Executing a manipulation of the argument FileName can lead to command injection. The attack can be ...

6.5

CVE-2026-1548

Exploit
  • EPSS 1.04%
  • Veröffentlicht 28.01.2026 22:32:08
  • Zuletzt bearbeitet 29.01.2026 17:16:23

A flaw has been found in Totolink A7000R 4.1cu.4154. This impacts the function CloudACMunualUpdateUserdata of the file /cgi-bin/cstecgi.cgi. This manipulation of the argument url causes command injection. The attack can be initiated remotely. The exp...

6.5

CVE-2026-1547

Exploit
  • EPSS 4.18%
  • Veröffentlicht 28.01.2026 22:02:10
  • Zuletzt bearbeitet 29.01.2026 17:16:23

A vulnerability was detected in Totolink A7000R 4.1cu.4154. This affects the function setUnloadUserData of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument plugin_name results in command injection. It is possible to launch the attack r...

7.5

CVE-2025-63153

Exploit
  • EPSS 0.27%
  • Veröffentlicht 10.11.2025 00:00:00
  • Zuletzt bearbeitet 17.11.2025 18:23:11

TOTOLink A7000R V9.1.0u.6115_B20201022 was discovered to contain a stack overflow in the ssid parameter of the urldecode function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.

7.5

CVE-2025-63154

Exploit
  • EPSS 0.28%
  • Veröffentlicht 10.11.2025 00:00:00
  • Zuletzt bearbeitet 17.11.2025 18:22:52

TOTOLink A7000R V9.1.0u.6115_B20201022 was discovered to contain a stack overflow in the addEffect parameter of the urldecode function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.

7.5

CVE-2025-63460

Exploit
  • EPSS 0.27%
  • Veröffentlicht 31.10.2025 17:15:47
  • Zuletzt bearbeitet 05.11.2025 17:30:08

Totolink A7000R v9.1.0u.6115_B20201022 was discovered to contain a stack overflow via the ssid5g parameter in the sub_4222E0 function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.

7.5

CVE-2025-63461

Exploit
  • EPSS 0.27%
  • Veröffentlicht 31.10.2025 00:00:00
  • Zuletzt bearbeitet 05.11.2025 17:30:00

Totolink A7000R v9.1.0u.6115_B20201022 was discovered to contain a stack overflow via the ssid5g parameter in the urldecode function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.

7.5

CVE-2025-63462

Exploit
  • EPSS 0.27%
  • Veröffentlicht 31.10.2025 00:00:00
  • Zuletzt bearbeitet 05.11.2025 17:29:54

Totolink A7000R v9.1.0u.6115_B20201022 was discovered to contain a stack overflow via the wifiOff parameter in the sub_421A04 function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.

7.5

CVE-2025-63459

Exploit
  • EPSS 0.27%
  • Veröffentlicht 31.10.2025 00:00:00
  • Zuletzt bearbeitet 05.11.2025 17:29:18

Totolink A7000R v9.1.0u.6115_B20201022 was discovered to contain a stack overflow via the ssid5g parameter in the sub_421CF0 function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.