Totolink

Nr1800x Firmware

29 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.8

CVE-2026-7548

Exploit
  • EPSS 1.54%
  • Veröffentlicht 01.05.2026 02:30:14
  • Zuletzt bearbeitet 01.05.2026 15:26:24

A vulnerability was detected in Totolink NR1800X 9.1.0u.6279_B20210910. This affects the function sub_41A68C of the file /cgi-bin/cstecgi.cgi. Performing a manipulation of the argument setUssd results in command injection. The attack is possible to b...

9.8

CVE-2026-7546

Exploit
  • EPSS 0.1%
  • Veröffentlicht 01.05.2026 02:15:12
  • Zuletzt bearbeitet 01.05.2026 15:26:24

A security vulnerability has been detected in Totolink NR1800X 9.1.0u.6279_B20210910. The impacted element is the function find_host_ip of the component lighttpd. Such manipulation of the argument Host leads to stack-based buffer overflow. The attack...

9.8

CVE-2026-5030

Exploit
  • EPSS 1.92%
  • Veröffentlicht 29.03.2026 03:30:15
  • Zuletzt bearbeitet 29.04.2026 01:00:01

A vulnerability has been found in Totolink NR1800X 9.1.0u.6279_B20210910. This issue affects the function NTPSyncWithHost of the file /cgi-bin/cstecgi.cgi of the component Telnet Service. The manipulation of the argument host_time leads to command in...

8.8

CVE-2026-1328

Exploit
  • EPSS 0.06%
  • Veröffentlicht 22.01.2026 14:32:13
  • Zuletzt bearbeitet 29.01.2026 17:47:56

A vulnerability was detected in Totolink NR1800X 9.1.0u.6279_B20210910. Impacted is the function setWizardCfg of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. Performing a manipulation of the argument ssid results in buffer ove...

8.8

CVE-2026-1327

Exploit
  • EPSS 0.41%
  • Veröffentlicht 22.01.2026 14:02:10
  • Zuletzt bearbeitet 29.04.2026 01:00:01

A security vulnerability has been detected in Totolink NR1800X 9.1.0u.6279_B20210910. This issue affects the function setTracerouteCfg of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. Such manipulation of the argument command l...

8.8

CVE-2026-1326

Exploit
  • EPSS 0.41%
  • Veröffentlicht 22.01.2026 13:32:08
  • Zuletzt bearbeitet 29.04.2026 01:00:01

A weakness has been identified in Totolink NR1800X 9.1.0u.6279_B20210910. This vulnerability affects the function setWanCfg of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. This manipulation of the argument Hostname causes comm...

6.5

CVE-2025-60688

Exploit
  • EPSS 0.29%
  • Veröffentlicht 13.11.2025 00:00:00
  • Zuletzt bearbeitet 19.11.2025 17:33:06

A stack buffer overflow vulnerability exists in the ToToLink LR1200GB (V9.1.0u.6619_B20230130) and NR1800X (V9.1.0u.6681_B20230703) Router firmware within the cstecgi.cgi binary (setDefResponse function). The binary reads the "IpAddress" parameter fr...

5.1

CVE-2025-60686

Exploit
  • EPSS 0.02%
  • Veröffentlicht 13.11.2025 00:00:00
  • Zuletzt bearbeitet 19.11.2025 17:41:28

A local stack-based buffer overflow vulnerability exists in the infostat.cgi and cstecgi.cgi binaries of ToToLink routers (A720R V4.1.5cu.614_B20230630, LR1200GB V9.1.0u.6619_B20230130, and NR1800X V9.1.0u.6681_B20230703). Both programs parse the con...

6.5

CVE-2025-60684

Exploit
  • EPSS 0.29%
  • Veröffentlicht 13.11.2025 00:00:00
  • Zuletzt bearbeitet 24.11.2025 15:33:48

A stack buffer overflow vulnerability exists in the ToToLink LR1200GB (V9.1.0u.6619_B20230130) and NR1800X (V9.1.0u.6681_B20230703) Router firmware within the cstecgi.cgi binary (sub_42F32C function). The web interface reads the "lang" parameter and ...

8.8

CVE-2025-45845

Exploit
  • EPSS 0.35%
  • Veröffentlicht 08.05.2025 00:00:00
  • Zuletzt bearbeitet 16.05.2025 15:39:26

TOTOLINK NR1800X V9.1.0u.6681_B20230703 was discovered to contain an authenticated stack overflow via the ssid5g parameter in the setWiFiEasyGuestCfg function.