Totolink A3100R Firmware vulnerabilities
47 known vulnerabilities affecting totolink/a3100r_firmware.
Total CVEs: 47
CISA KEV: 0
Public exploits: 0
Exploited in wild: 2
Severity breakdown: CRITICAL 24, HIGH 20, MEDIUM 3
Vulnerabilities
Page 1 of 3
CVE-2025-4496 [HIGH] CVSS 8.7 | CWE-119 | v4.1.8cu.5241_b20210927 | 2025-05-10
A vulnerability was found in TOTOLINK T10, A3100R, A950RG, A800R, N600R, A3000RU and A810R 4.1.8cu.5241_B20210927. It has been declared as critical. This vulnerability affects the function CloudACMunualUpdate of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument FileName leads to buffer overflow. The attack can be initiated remotely. The ex
nvd
CVE-2025-45787 [CRITICAL] CVSS 9.8 | CWE-787 | v5.9c.1527 | 2025-05-08
TOTOLINK A3100R V5.9c.1527 is vulnerable to Buffer Overflow via the comment parameter in setIpPortFilterRules.
nvd
CVE-2025-45789 [CRITICAL] CVSS 9.8 | CWE-787 | v5.9c.1527 | 2025-05-08
TOTOLINK A3100R V5.9c.1527 is vulnerable to buffer overflow via the urlKeyword parameter in setParentalRules.
nvd
CVE-2025-45788 [CRITICAL] CVSS 9.8 | CWE-787 | v5.9c.1527 | 2025-05-08
TOTOLINK A3100R V5.9c.1527 is vulnerable to Buffer Overflow via the comment parameter in setMacFilterRules.
nvd
CVE-2025-45790 [CRITICAL] CVSS 9.8 | CWE-787 | v5.9c.1527 | 2025-05-08
TOTOLINK A3100R V5.9c.1527 is vulnerable to Buffer Overflow via the priority parameter in the setMacQos interface of /lib/cste_modules/firewall.so.
nvd
CVE-2025-28028 [HIGH] CVSS 7.3 | CWE-120 | v4.1.2cu.5247_b20211129 | 2025-04-23
TOTOLINK A830R V4.1.2cu.5182_B20201102, A950RG V4.1.2cu.5161_B20200903, A3000RU V5.9c.5185_B20201128, and A3100R V4.1.2cu.5247_B20211129 were found to contain a buffer overflow vulnerability in downloadFile.cgi through the v5 parameter.
nvd
CVE-2025-28025 [HIGH] CVSS 7.3 | CWE-120 | v4.1.2cu.5247_b20211129 | 2025-04-23
TOTOLINK A830R V4.1.2cu.5182_B20201102, A950RG V4.1.2cu.5161_B20200903, A3000RU V5.9c.5185_B20201128, and A3100R V4.1.2cu.5247_B20211129 were found to contain a buffer overflow vulnerability in downloadFile.cgi through the v14 parameter.
nvd
CVE-2025-28034 [CRITICAL] CVSS 9.8 | CWE-78 | v4.1.2cu.5247_b20211129 | 2025-04-22
TOTOLINK A800R V4.1.2cu.5137_B20200730, A810R V4.1.2cu.5182_B20201026, A830R V4.1.2cu.5182_B20201102, A950RG V4.1.2cu.5161_B20200903, A3000RU V5.9c.5185_B20201128, and A3100R V4.1.2cu.5247_B20211129 were found to contain a pre-auth remote command execution vulnerability in the NTPSyncWithHost function through the hostTime parameter.
nvd
CVE-2025-28035 [CRITICAL] CVSS 9.8 | CWE-78 | v4.1.2cu.5247_b20211129 | 2025-04-22
TOTOLINK A830R V4.1.2cu.5182_B20201102 was found to contain a pre-auth remote command execution vulnerability in the setNoticeCfg function through the NoticeUrl parameter.
nvd
CVE-2025-28036 [CRITICAL] CVSS 9.8 | CWE-78 | v4.1.2cu.5247_b20211129 | 2025-04-22
TOTOLINK A950RG V4.1.2cu.5161_B20200903 was found to contain a pre-auth remote command execution vulnerability in the setNoticeCfg function through the NoticeUrl parameter.
nvd
CVE-2025-28029 [HIGH] CVSS 7.3 | CWE-121 | v4.1.2cu.5247_b20211129 | 2025-04-22
TOTOLINK A830R V4.1.2cu.5182_B20201102, A950RG V4.1.2cu.5161_B20200903, A3000RU V5.9c.5185_B20201128, and A3100R V4.1.2cu.5247_B20211129 were found to contain a buffer overflow vulnerability in cstecgi.cgi
nvd
CVE-2025-28026 [HIGH] CVSS 7.3 | CWE-121 | v4.1.2cu.5247_b20211129 | 2025-04-22
TOTOLINK A830R V4.1.2cu.5182_B20201102, A950RG V4.1.2cu.5161_B20200903, A3000RU V5.9c.5185_B20201128, and A3100R V4.1.2cu.5247_B20211129 were found to contain a buffer overflow vulnerability in downloadFile.cgi.
nvd
CVE-2025-28027 [HIGH] CVSS 7.3 | CWE-121 | v4.1.2cu.5247_b20211129 | 2025-04-22
TOTOLINK A830R V4.1.2cu.5182_B20201102, A950RG V4.1.2cu.5161_B20200903, A3000RU V5.9c.5185_B20201128, and A3100R V4.1.2cu.5247_B20211129 were found to contain a buffer overflow vulnerability in downloadFile.cgi.
nvd
CVE-2025-28033 [HIGH] CVSS 7.3 | CWE-121 | v4.1.2cu.5247_b20211129 | 2025-04-22
TOTOLINK A800R V4.1.2cu.5137_B20200730, A810R V4.1.2cu.5182_B20201026, A830R V4.1.2cu.5182_B20201102, A950RG V4.1.2cu.5161_B20200903, A3000RU V5.9c.5185_B20201128, and A3100R V4.1.2cu.5247_B20211129 were found to contain a pre-auth buffer overflow vulnerability in the setNoticeCfg function through the IpTo parameter.
nvd
CVE-2025-28032 [HIGH] CVSS 7.3 | CWE-121 | v4.1.2cu.5247_b20211129 | 2025-04-22
TOTOLINK A800R V4.1.2cu.5137_B20200730, A810R V4.1.2cu.5182_B20201026, A830R V4.1.2cu.5182_B20201102, A950RG V4.1.2cu.5161_B20200903, A3000RU V5.9c.5185_B20201128, and A3100R V4.1.2cu.5247_B20211129 contain a pre-auth buffer overflow vulnerability in the setNoticeCfg function through the IpForm parameter.
nvd
CVE-2025-28256 [CRITICAL] CVSS 9.8 | CWE-78 | v4.1.2cu.5247_b20211129 | 2025-03-28
An issue in TOTOLINK A3100R V4.1.2cu.5247_B20211129 allows a remote attacker to execute arbitrary code via the setWebWlanIdx of the file /lib/cste_modules/wireless.so.
nvd
CVE-2024-42547 [CRITICAL] CVSS 9.8 | CWE-120 | v4.1.2cu.5050_b20200504 | 2024-08-12
TOTOLINK A3100R V4.1.2cu.5050_B20200504 has a buffer overflow vulnerability in the http_host parameter in the loginauth function.
nvd
CVE-2024-42546 [CRITICAL] CVSS 9.8 | CWE-120 | v4.1.2cu.5050_b20200504 | 2024-08-12
TOTOLINK A3100R V4.1.2cu.5050_B20200504 has a buffer overflow vulnerability in the password parameter in the loginauth function.
nvd
CVE-2024-7157 [HIGH] CVSS 8.7 | CWE-120 | v4.1.2cu.5050_b20200504 | 2024-07-28
A vulnerability was found in TOTOLINK A3100R 4.1.2cu.5050_B20200504. It has been classified as critical. This affects the function getSaveConfig of the file /cgi-bin/cstecgi.cgi?action=save&setting. The manipulation of the argument http_host leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the p
nvd
CVE-2024-7158 [MEDIUM] CVSS 5.3 | CWE-77 | v4.1.2cu.5050_b20200504 | 2024-07-28
A vulnerability was found in TOTOLINK A3100R 4.1.2cu.5050_B20200504. It has been declared as critical. This vulnerability affects the function setTelnetCfg of the file /cgi-bin/cstecgi.cgi of the component HTTP POST Request Handler. The manipulation of the argument telnet_enabled leads to command injection. The attack can be initiated remotely. The exp
nvd