CVSS: 5.1EPSS: 0%CPEs: 1EXPL: 1CVE-2025-6401 – TOTOLINK N300RH HTTP POST Message formFilter denial of service
https://notcve.org/view.php?id=CVE-2025-6401
21 Jun 2025 — A vulnerability was found in TOTOLINK N300RH 6.1c.1390_B20191101. It has been classified as problematic. This affects an unknown part of the file /boafrm/formFilter of the component HTTP POST Message Handler. The manipulation of the argument url leads to denial of service. The exploit has been disclosed to the public and may be used. • https://github.com/d2pq/cve/blob/main/616/21.md • CWE-404: Improper Resource Shutdown or Release •
CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 1CVE-2025-6400 – TOTOLINK N300RH HTTP POST Message formPortFw buffer overflow
https://notcve.org/view.php?id=CVE-2025-6400
21 Jun 2025 — A vulnerability was found in TOTOLINK N300RH 6.1c.1390_B20191101 and classified as critical. Affected by this issue is some unknown functionality of the file /boafrm/formPortFw of the component HTTP POST Message Handler. The manipulation of the argument service_type leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. • https://github.com/d2pq/cve/blob/main/616/20.md • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 9.8EPSS: 1%CPEs: 1EXPL: 1CVE-2025-4851 – TOTOLINK N300RH cstecgi.cgi setUploadUserData command injection
https://notcve.org/view.php?id=CVE-2025-4851
18 May 2025 — A vulnerability classified as critical was found in TOTOLINK N300RH 6.1c.1390_B20191101. This vulnerability affects the function setUploadUserData of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument FileName leads to command injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. • https://github.com/CH13hh/tmp_store_cc/blob/main/tt/ta/m3.md • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 6.5EPSS: 4%CPEs: 1EXPL: 1CVE-2025-4850 – TOTOLINK N300RH cstecgi.cgi setUnloadUserData command injection
https://notcve.org/view.php?id=CVE-2025-4850
18 May 2025 — A vulnerability classified as critical has been found in TOTOLINK N300RH 6.1c.1390_B20191101. This affects the function setUnloadUserData of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument plugin_name leads to command injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. • https://github.com/CH13hh/tmp_store_cc/blob/main/tt/ta/m2.md • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 9.8EPSS: 1%CPEs: 1EXPL: 1CVE-2025-4849 – TOTOLINK N300RH cstecgi.cgi CloudACMunualUpdateUserdata command injection
https://notcve.org/view.php?id=CVE-2025-4849
18 May 2025 — A vulnerability was found in TOTOLINK N300RH 6.1c.1390_B20191101. It has been rated as critical. Affected by this issue is the function CloudACMunualUpdateUserdata of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument url leads to command injection. The attack may be launched remotely. • https://github.com/CH13hh/tmp_store_cc/blob/main/tt/ta/m1.md • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 9.0EPSS: 21%CPEs: 26EXPL: 1CVE-2020-25499
https://notcve.org/view.php?id=CVE-2020-25499
09 Dec 2020 — TOTOLINK A3002RU-V2.0.0 B20190814.1034 allows authenticated remote users to modify the system's 'Run Command'. An attacker can use this functionality to execute arbitrary OS commands on the router. TOTOLINK A3002RU-V2.0.0 versión B20190814.1034, permite a usuarios remotos autenticados modificar el "Run Command" del sistema. Un atacante puede usar esta funcionalidad para ejecutar comandos arbitrarios del sistema operativo en el enrutador • https://github.com/kdoos/Vulnerabilities/blob/main/RCE_TOTOLINK-A3002RU-V2 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') CWE-862: Missing Authorization •
CVSS: 7.5EPSS: 0%CPEs: 16EXPL: 1CVE-2015-9550
https://notcve.org/view.php?id=CVE-2015-9550
24 Nov 2020 — An issue was discovered on TOTOLINK A850R-V1 through 1.0.1-B20150707.1612 and F1-V2 through 1.1-B20150708.1646 devices. By sending a specific hel,xasf packet to the WAN interface, it is possible to open the web management interface on the WAN interface. Se detectó un problema en los dispositivos TOTOLINK A850R-V1 versiones hasta 1.0.1-B20150707.1612 y F1-V2 versiones hasta 1.1-B20150708.1646. Mediante el envío de un paquete hel,xasf específico hacia la interfaz WAN, es posible abrir la interfaz de admi... • https://pierrekim.github.io/blog/2015-07-16-backdoor-and-RCE-found-in-8-TOTOLINK-products.html • CWE-668: Exposure of Resource to Wrong Sphere •
CVSS: 10.0EPSS: 7%CPEs: 16EXPL: 1CVE-2015-9551
https://notcve.org/view.php?id=CVE-2015-9551
24 Nov 2020 — An issue was discovered on TOTOLINK A850R-V1 through 1.0.1-B20150707.1612 and F1-V2 through 1.1-B20150708.1646 devices. There is Remote Code Execution in the management interface via the formSysCmd sysCmd parameter. Se detectó un problema en los dispositivos TOTOLINK A850R-V1 versiones hasta 1.0.1-B20150707.1612 y F1-V2 versiones hasta 1.1-B20150708.1646. Se presenta una Ejecución de Código Remota en la interfaz de administración por medio del parámetro formSysCmd sysCmd • https://pierrekim.github.io/blog/2015-07-16-backdoor-and-RCE-found-in-8-TOTOLINK-products.html •