Totolink

N600r

12 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2025-60333

Exploit
  • EPSS 0.28%
  • Veröffentlicht 22.10.2025 00:00:00
  • Zuletzt bearbeitet 24.10.2025 13:19:12

TOTOLINK N600R v4.3.0cu.7866_B20220506 was discovered to contain a stack overflow in the wepkey2 parameter in the setWiFiMultipleConfig function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.

7.5

CVE-2025-60334

Exploit
  • EPSS 0.16%
  • Veröffentlicht 22.10.2025 00:00:00
  • Zuletzt bearbeitet 24.10.2025 13:19:02

TOTOLINK N600R v4.3.0cu.7866_B20220506 was discovered to contain a stack overflow in the ssid parameter in the setWiFiBasicConfig function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.

7.5

CVE-2025-60335

Exploit
  • EPSS 1.98%
  • Veröffentlicht 22.10.2025 00:00:00
  • Zuletzt bearbeitet 24.10.2025 13:18:55

A NULL pointer dereference in the main function of TOTOLINK N600R v4.3.0cu.7866_B20220506 allows attackers to cause a Denial of Service (DoS) via a crafted HTTP request.

7.5

CVE-2025-60336

Exploit
  • EPSS 3.46%
  • Veröffentlicht 22.10.2025 00:00:00
  • Zuletzt bearbeitet 24.10.2025 14:20:06

A NULL pointer dereference in the sub_41773C function of TOTOLINK N600R v4.3.0cu.7866_B20220506 allows attackers to cause a Denial of Service (DoS) via a crafted HTTP request.

9

CVE-2025-11444

Exploit
  • EPSS 0.17%
  • Veröffentlicht 08.10.2025 08:02:10
  • Zuletzt bearbeitet 14.10.2025 20:16:01

A security vulnerability has been detected in TOTOLINK N600R up to 4.3.0cu.7866_B20220506. This impacts the function setWiFiBasicConfig of the file /cgi-bin/cstecgi.cgi of the component HTTP Request Handler. Such manipulation of the argument wepkey l...

9.8

CVE-2025-9935

Exploit
  • EPSS 0.97%
  • Veröffentlicht 03.09.2025 23:02:09
  • Zuletzt bearbeitet 29.09.2025 18:32:03

A vulnerability was determined in TOTOLINK N600R 4.3.0cu.7866_B20220506. This vulnerability affects the function sub_4159F8 of the file /web_cste/cgi-bin/cstecgi.cgi. Executing manipulation can lead to command injection. The attack can be executed re...

9.8

CVE-2025-51390

Exploit
  • EPSS 2.16%
  • Veröffentlicht 04.08.2025 00:00:00
  • Zuletzt bearbeitet 15.08.2025 16:07:35

TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a command injection vulnerability via the pin parameter in the setWiFiWpsConfig function.

7.2

CVE-2025-8181

Exploit
  • EPSS 0.48%
  • Veröffentlicht 26.07.2025 07:15:26
  • Zuletzt bearbeitet 09.10.2025 19:40:44

A vulnerability, which was classified as critical, was found in TOTOLINK N600R and X2000R 1.0.0.1. This affects an unknown part of the file vsftpd.conf of the component FTP Service. The manipulation leads to least privilege violation. It is possible ...

9.8

CVE-2025-46060

Exploit
  • EPSS 0.86%
  • Veröffentlicht 13.06.2025 00:00:00
  • Zuletzt bearbeitet 16.06.2025 14:58:41

Buffer Overflow vulnerability in TOTOLINK N600R v4.3.0cu.7866_B2022506 allows a remote attacker to execute arbitrary code via the UPLOAD_FILENAME component

9.8

CVE-2025-4496

  • EPSS 0.28%
  • Veröffentlicht 10.05.2025 05:00:10
  • Zuletzt bearbeitet 29.07.2025 14:42:19

A vulnerability was found in TOTOLINK T10, A3100R, A950RG, A800R, N600R, A3000RU and A810R 4.1.8cu.5241_B20210927. It has been declared as critical. This vulnerability affects the function CloudACMunualUpdate of the file /cgi-bin/cstecgi.cgi. The man...