Totolink A720R Firmware vulnerabilities

28 known vulnerabilities affecting totolink/a720r_firmware.

Total CVEs: 28
CISA KEV: 0
Public exploits: 0
Exploited in wild: 0
Severity breakdown: CRITICAL 8, HIGH 10, MEDIUM 9, LOW 1

Note: the "Public exploits" counter reads 0, but several entries below (CVE-2025-9303, CVE-2025-4268, CVE-2025-4271 and others) state in their own text that an exploit has been disclosed publicly, so the counter should not be relied on. Severity labels on each row follow the CVSS score shown there; wording such as "classified as critical" or "declared as problematic" inside a description is carried over from the advisory text and does not match those labels (CVE-2025-4269, for example, is "classified as critical" in its text but is rated MEDIUM with a 6.9 score here).

Vulnerabilities

Page 1 of 2
CVE-2025-60685 | MEDIUM | CVSS 5.1 | v4.1.5cu.614_b20230630 | 2025-11-13
CVE-2025-60685 [MEDIUM] CWE-121: A stack buffer overflow exists in the ToToLink A720R Router firmware V4.1.5cu.614_B20230630 within the sysconf binary (sub_401EE0 function). The binary reads the /proc/stat file using fgets() into a local buffer and subsequently parses the line using sscanf() into a single-byte variable with the %s format specifier. Maliciously crafted /proc/stat co…
Source: NVD
CVE-2025-60683 | MEDIUM | CVSS 6.5 | v4.1.5cu.614_b20230630 | 2025-11-13
CVE-2025-60683 [MEDIUM] CWE-77: A command injection vulnerability exists in the ToToLink A720R Router firmware V4.1.5cu.614_B20230630 within the sysconf binary, specifically in the sub_40BFA4 function that handles network interface reinitialization from '/var/system/linux_vlan_reinit'. Input is only partially validated by checking the prefix of interface names, and is concatenated…
Source: NVD
CVE-2025-60686 | MEDIUM | CVSS 5.1 | v4.1.5cu.614_b20230630 | 2025-11-13
CVE-2025-60686 [MEDIUM] CWE-121: A local stack-based buffer overflow vulnerability exists in the infostat.cgi and cstecgi.cgi binaries of ToToLink routers (A720R V4.1.5cu.614_B20230630, LR1200GB V9.1.0u.6619_B20230130, and NR1800X V9.1.0u.6681_B20230703). Both programs parse the contents of /proc/net/arp using sscanf() with "%s" format specifiers into fixed-size stack buffers witho…
Source: NVD
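CVE-2025-60685 and CVE-2025-60686 are the same bug class: a line from a /proc pseudo-file is handed to sscanf() with a bare "%s", which has no width bound, so a token longer than the destination buffer overflows the stack. The following is an added example, not code from the Totolink firmware or from the advisory, showing the vulnerable pattern next to a hardened parser for /proc/net/arp lines. The sample lines are constructed; the buffer sizes are my own choices and the same fix (bound every copy, reject rather than truncate) applies to the /proc/stat parse in CVE-2025-60685.

```c
#include <stdio.h>
#include <string.h>

/* Buffer sizes chosen to fit the largest legitimate field plus a NUL. */
#define IP_LEN  16   /* "255.255.255.255" */
#define MAC_LEN 18   /* "aa:bb:cc:dd:ee:ff" */
#define DEV_LEN 16   /* IFNAMSIZ */

struct arp_entry {
    char ip[IP_LEN];
    char mac[MAC_LEN];
    char dev[DEV_LEN];
};

/* Constructed sample lines (not real captures). The real file starts with a
 * header line, which the safe parser below rejects because of its token count. */
static const char ARP_HEADER[]   = "IP address       HW type     Flags       HW address            Mask     Device";
static const char ARP_OK[]       = "192.168.0.10     0x1         0x2         aa:bb:cc:dd:ee:ff     *        br0";
static const char ARP_OVERLONG[] = "111111111111111111111111111111111111111111111111 0x1 0x2 aa:bb:cc:dd:ee:ff * br0";

/* Vulnerable pattern (as described for infostat.cgi/cstecgi.cgi): a bare %s has
 * no width bound, so a token longer than the destination writes past it on the
 * stack. Kept only for contrast; never call it on data you do not control. */
static int parse_arp_unsafe(const char *line, struct arp_entry *e)
{
    unsigned type, flags;
    char mask[IP_LEN];
    return sscanf(line, "%s 0x%x 0x%x %s %s %s",
                  e->ip, &type, &flags, e->mac, mask, e->dev) == 6;
}

/* Copy src into dst only if it fits. An oversized field is an error, not data
 * to be truncated: silent truncation would let one field masquerade as another. */
static int copy_bounded(char *dst, size_t cap, const char *src)
{
    size_t len = strlen(src);
    if (len >= cap)
        return 0;
    memcpy(dst, src, len + 1);
    return 1;
}

/* Hardened parser: tokenise a private copy, insist on exactly six fields, and
 * bound-check every copy. Returns 1 on success, 0 on any malformed line. */
static int parse_arp_safe(const char *line, struct arp_entry *e)
{
    char buf[256];
    char *fields[6];
    size_t n = 0;

    if (strlen(line) >= sizeof buf)       /* reject absurd lines before touching them */
        return 0;
    strcpy(buf, line);
    for (char *tok = strtok(buf, " \t\r\n"); tok; tok = strtok(NULL, " \t\r\n")) {
        if (n < 6)
            fields[n] = tok;
        n++;
    }
    if (n != 6)                           /* too few or too many tokens (the header line has nine) */
        return 0;
    return copy_bounded(e->ip,  sizeof e->ip,  fields[0]) &&
           copy_bounded(e->mac, sizeof e->mac, fields[3]) &&
           copy_bounded(e->dev, sizeof e->dev, fields[5]);
}

int main(void)
{
    struct arp_entry e;
    printf("unsafe, benign line : %d\n", parse_arp_unsafe(ARP_OK, &e));
    printf("safe,   benign line : %d (%s %s %s)\n", parse_arp_safe(ARP_OK, &e), e.ip, e.mac, e.dev);
    printf("safe,   header line : %d\n", parse_arp_safe(ARP_HEADER, &e));
    printf("safe,   overlong    : %d\n", parse_arp_safe(ARP_OVERLONG, &e));
    return 0;
}
```

The point of the hardened version is that an over-long field makes the whole line fail rather than being silently cut to fit: a "%15s" width alone would stop the overflow, but the remainder of the token would then be consumed as the next field and the parse would succeed with scrambled data.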
CVE-2025-60682 | MEDIUM | CVSS 6.5 | v4.1.5cu.614_b20230630 | 2025-11-13
CVE-2025-60682 [MEDIUM] CWE-77: A command injection vulnerability exists in the ToToLink A720R Router firmware V4.1.5cu.614_B20230630 within the cloudupdate_check binary, specifically in the sub_402414 function that handles cloud update parameters. User-supplied 'magicid' and 'url' values are directly concatenated into shell commands and executed via system() without any sanitizati…
Source: NVD
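CVE-2025-60682 (values spliced straight into a system() command line) and CVE-2025-60683 (an interface name accepted after only a prefix check) are both fixed the same way: validate against a positive grammar, then execute the helper directly with an argv array so the shell never sees the value. The code below is an added example, not the firmware's code; the tool name "fetcher", its "-o" flag, the set of allowed interface prefixes and the magicid length limit are assumptions made for illustration.

```c
#define _POSIX_C_SOURCE 200809L
#include <stdio.h>
#include <string.h>
#include <ctype.h>
#include <unistd.h>
#include <sys/wait.h>

/* Vulnerable pattern: attacker text spliced into a shell line. With a url of
 * "http://x/fw.bin;reboot" the shell, not the downloader, sees ";reboot".
 * Only builds the string here; it is deliberately never passed to system(). */
static int build_cmd_unsafe(char *out, size_t cap, const char *url)
{
    int n = snprintf(out, cap, "fetcher -o /tmp/update.bin %s", url); /* "fetcher" is an assumed tool */
    return n > 0 && (size_t)n < cap;
}

/* What the page describes for linux_vlan_reinit: only the prefix is checked.
 * The allowed prefixes are an assumption for illustration. */
static int ifname_prefix_only(const char *s)
{
    return strncmp(s, "eth", 3) == 0 || strncmp(s, "br", 2) == 0 || strncmp(s, "wlan", 4) == 0;
}

/* Full check: allowed prefix AND a closed character set AND shorter than
 * IFNAMSIZ (16). "eth0;reboot" passes the prefix test but fails here. */
static int ifname_is_sane(const char *s)
{
    size_t n = strlen(s);
    if (n == 0 || n >= 16 || !ifname_prefix_only(s))
        return 0;
    for (size_t i = 0; i < n; i++)
        if (!isalnum((unsigned char)s[i]) && s[i] != '.' && s[i] != '-' && s[i] != '_')
            return 0;
    return 1;
}

/* magicid is an opaque token, so restrict it to 1..32 alphanumerics (assumed limit). */
static int magicid_is_sane(const char *s)
{
    size_t n = strlen(s);
    if (n == 0 || n > 32) return 0;
    for (size_t i = 0; i < n; i++)
        if (!isalnum((unsigned char)s[i])) return 0;
    return 1;
}

/* url must be http(s)://host[:port][/path] over a closed character set: no
 * '?', ';', '`', '$', quotes or whitespace anywhere. Positive grammar, not a blacklist. */
static int url_is_sane(const char *u)
{
    const char *p;
    size_t hostlen = 0;

    if (strlen(u) > 512) return 0;
    if      (strncmp(u, "https://", 8) == 0) p = u + 8;
    else if (strncmp(u, "http://",  7) == 0) p = u + 7;
    else return 0;

    while (isalnum((unsigned char)*p) || *p == '.' || *p == '-') { p++; hostlen++; }
    if (hostlen == 0) return 0;
    if (*p == ':') {                       /* optional numeric port */
        p++;
        if (!isdigit((unsigned char)*p)) return 0;
        while (isdigit((unsigned char)*p)) p++;
    }
    if (*p == '\0') return 1;
    if (*p != '/') return 0;
    for (; *p; p++)
        if (!isalnum((unsigned char)*p) && !strchr("/._~%-", *p))
            return 0;
    return 1;
}

/* Hardened execution: validate, then exec the tool directly with argv. The URL
 * is a single argv element, so no shell ever interprets it. Validation stays
 * as defence in depth (a URL beginning with '-' could otherwise be read as an
 * option). Returns the child's exit status, or -1. */
static int run_fetch_safe(const char *tool, const char *url)
{
    if (!url_is_sane(url))
        return -1;
    char *const argv[] = { (char *)tool, "-o", "/tmp/update.bin", (char *)url, NULL }; /* assumed flags */
    pid_t pid = fork();
    if (pid < 0) return -1;
    if (pid == 0) {
        execv(tool, argv);
        _exit(127);
    }
    int status;
    if (waitpid(pid, &status, 0) < 0) return -1;
    return WIFEXITED(status) ? WEXITSTATUS(status) : -1;
}

int main(void)
{
    char cmd[256];
    const char *evil = "http://192.0.2.10/fw.bin;reboot";
    build_cmd_unsafe(cmd, sizeof cmd, evil);
    printf("unsafe command line would be: %s\n", cmd);
    printf("url_is_sane(evil) = %d\n", url_is_sane(evil));
    printf("ifname_prefix_only(\"eth0;reboot\") = %d, ifname_is_sane = %d\n",
           ifname_prefix_only("eth0;reboot"), ifname_is_sane("eth0;reboot"));
    return 0;
}
```

run_fetch_safe() is shown rather than run in main() because the tool path is assumed; in the firmware it would be whatever downloader cloudupdate_check actually invokes, called with its real flags.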
CVE-2025-9303 | HIGH | CVSS 7.4 | v4.1.5cu.630_b20250509 | 2025-08-21
CVE-2025-9303 [HIGH] CWE-119: A security flaw has been discovered in TOTOLINK A720R 4.1.5cu.630_B20250509. This issue affects the function setParentalRules of the file /cgi-bin/cstecgi.cgi. Performing manipulation of the argument desc results in buffer overflow. The attack is possible to be carried out remotely. The exploit has been released to the public and may be exploited.
Source: NVD
CVE-2025-4269 | MEDIUM | CVSS 6.9 | v4.1.5cu.374 | 2025-05-05
CVE-2025-4269 [MEDIUM] CWE-266: A vulnerability was found in TOTOLINK A720R 4.1.5cu.374 and classified as critical. This issue affects some unknown processing of the file /cgi-bin/cstecgi.cgi of the component Log Handler. The manipulation of the argument topicurl with the input clearDiagnosisLog/clearSyslog/clearTracerouteLog leads to improper access controls. The attack may be init…
Source: NVD
CVE-2025-4271 | MEDIUM | CVSS 6.9 | v4.1.5cu.374 | 2025-05-05
CVE-2025-4271 [MEDIUM] CWE-200: A vulnerability was found in TOTOLINK A720R 4.1.5cu.374. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument topicurl with the input showSyslog leads to information disclosure. The attack can be launched remotely. The exploit has been disclos…
Source: NVD
CVE-2025-4270 | MEDIUM | CVSS 6.9 | v4.1.5cu.374 | 2025-05-05
CVE-2025-4270 [MEDIUM] CWE-200: A vulnerability was found in TOTOLINK A720R 4.1.5cu.374. It has been classified as problematic. Affected is an unknown function of the file /cgi-bin/cstecgi.cgi of the component Config Handler. The manipulation of the argument topicurl with the input getInitCfg/getSysStatusCfg leads to information disclosure. It is possible to launch the attack remote…
Source: NVD
CVE-2025-4268 | MEDIUM | CVSS 6.9 | v4.1.5cu.374 | 2025-05-05
CVE-2025-4268 [MEDIUM] CWE-287: A vulnerability has been found in TOTOLINK A720R 4.1.5cu.374 and classified as critical. This vulnerability affects unknown code of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument topicurl with the input RebootSystem leads to missing authentication. The attack can be initiated remotely. The exploit has been disclosed to the public and…
Source: NVD
CVE-2024-8869 | LOW | CVSS 2.3 | v4.1.5 | 2024-09-15
CVE-2024-8869 [LOW] CWE-78: A vulnerability classified as critical has been found in TOTOLINK A720R 4.1.5. Affected is the function exportOvpn. The manipulation leads to os command injection. It is possible to launch the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The vendor was contacted early about this disclosure but di…
Source: NVD
CVE-2023-23064 | CRITICAL | CVSS 9.8 | v4.1.5cu.532_b20210610 | 2023-02-17
CVE-2023-23064 [CRITICAL] CWE-863: TOTOLINK A720R V4.1.5cu.532_B20210610 is vulnerable to Incorrect Access Control.
Source: NVD
CVE-2022-38535 | HIGH | CVSS 7.2 | v4.1.5cu.374 | 2022-09-15
CVE-2022-38535 [HIGH] CWE-78: TOTOLINK-720R v4.1.5cu.374 was discovered to contain a remote code execution (RCE) vulnerability via the setTracerouteCfg function.
Source: NVD
CVE-2022-38534 | HIGH | CVSS 7.2 | v4.1.5cu.374 | 2022-09-15
CVE-2022-38534 [HIGH] CWE-78: TOTOLINK-720R v4.1.5cu.374 was discovered to contain a remote code execution (RCE) vulnerability via the setdiagnosicfg function.
Source: NVD
CVE-2022-36610 | HIGH | CVSS 7.8 | v4.1.5cu.532_b20210610 | 2022-08-29
CVE-2022-36610 [HIGH] CWE-798: TOTOLINK A720R V4.1.5cu.532_B20210610 was discovered to contain a hardcoded password for root at /etc/shadow.sample.
Source: NVD
CVE-2022-36456 | HIGH | CVSS 7.8 | v4.1.5cu.532_b20210610 | 2022-08-25
CVE-2022-36456 [HIGH] CWE-78: TOTOLink A720R V4.1.5cu.532_B20210610 was discovered to contain a command injection vulnerability via the username parameter in /cstecgi.cgi.
Source: NVD
CVE-2021-43662 | MEDIUM | CVSS 6.5 | v4.1.5cu.470_b20200911 | 2022-03-31
CVE-2021-43662 [MEDIUM] CWE-770: TOTOLINK EX300_v2 V4.0.3c.140_B20210429 and A720R V4.1.5cu.470_B20200911 have an issue which causes uncontrolled resource consumption.
Source: NVD
CVE-2021-44247 | CRITICAL | CVSS 9.8 | v4.1.5cu.470_b20200911 | 2022-02-04
CVE-2021-44247 [CRITICAL] CWE-77: Totolink devices A3100R v4.1.2cu.5050_B20200504, A830R v5.9c.4729_B20191112, and A720R v4.1.5cu.470_B20200911 were discovered to contain a command injection vulnerability in the function setNoticeCfg. This vulnerability allows attackers to execute arbitrary commands via the IpFrom parameter.
Source: NVD
CVE-2021-45740 | CRITICAL | CVSS 9.8 | v4.1.5cu.470_b20200911 | 2022-02-04
CVE-2021-45740 [CRITICAL]: TOTOLINK A720R v4.1.5cu.470_B20200911 was discovered to contain a stack overflow in the setWiFiWpsStart function. This vulnerability allows attackers to cause a Denial of Service (DoS) via the pin parameter.
Source: NVD
CVE-2021-45742 | CRITICAL | CVSS 9.8 | v4.1.5cu.470_b20200911 | 2022-02-04
CVE-2021-45742 [CRITICAL] CWE-77: TOTOLINK A720R v4.1.5cu.470_B20200911 was discovered to contain a command injection vulnerability in the "Main" function. This vulnerability allows attackers to execute arbitrary commands via the QUERY_STRING parameter.
Source: NVD
CVE-2021-44246 | HIGH | CVSS 7.5 | v4.1.5cu.470_b20200911 | 2022-02-04
CVE-2021-44246 [HIGH]: Totolink devices A3100R v4.1.2cu.5050_B20200504, A830R v5.9c.4729_B20191112, and A720R v4.1.5cu.470_B20200911 were discovered to contain a stack overflow in the function setNoticeCfg. This vulnerability allows attackers to cause a Denial of Service (DoS) via the IpTo parameter.
Source: NVD
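Most of the entries on this page reach the device through one endpoint, /cgi-bin/cstecgi.cgi, selected by a topicurl value (RebootSystem, showSyslog, getInitCfg, getSysStatusCfg, the clear*Log handlers, setParentalRules, setNoticeCfg, setTracerouteCfg, setdiagnosicfg, setWiFiWpsStart). That makes a simple detection: flag any request to cstecgi.cgi whose topicurl is one of those handler names. The following is an added example, not part of the original page, that runs that check over constructed access-log lines; the log format, and in particular the "body=" fragment carrying the POST body, is an assumption about what a proxy or IDS in front of the router would record.

```c
#include <stdio.h>
#include <string.h>
#include <ctype.h>

/* cstecgi.cgi topicurl handlers that entries on this page name as
 * unauthenticated, injectable or overflowable. */
static const char *const WATCHED_TOPICS[] = {
    "RebootSystem", "showSyslog", "getInitCfg", "getSysStatusCfg",
    "clearDiagnosisLog", "clearSyslog", "clearTracerouteLog",
    "setParentalRules", "setNoticeCfg", "setTracerouteCfg",
    "setdiagnosicfg", "setWiFiWpsStart",
};
#define N_WATCHED (sizeof WATCHED_TOPICS / sizeof WATCHED_TOPICS[0])

/* Constructed access-log lines (not real captures). The fragment after "body="
 * is an assumption about how the POST body is logged. */
static const char *const SAMPLE_LOG[] = {
    "198.51.100.7 - - [13/Nov/2025:10:01:02 +0000] \"POST /cgi-bin/cstecgi.cgi HTTP/1.1\" 200 body={\"topicurl\":\"RebootSystem\"}",
    "198.51.100.7 - - [13/Nov/2025:10:01:05 +0000] \"GET /cgi-bin/cstecgi.cgi?topicurl=showSyslog HTTP/1.1\" 200",
    "192.168.0.23 - - [13/Nov/2025:10:02:11 +0000] \"POST /cgi-bin/cstecgi.cgi HTTP/1.1\" 200 body={\"topicurl\":\"someOtherTopic\"}",
    "192.168.0.23 - - [13/Nov/2025:10:02:40 +0000] \"GET /index.html HTTP/1.1\" 200",
    "203.0.113.9 - - [13/Nov/2025:10:03:17 +0000] \"POST /cgi-bin/cstecgi.cgi HTTP/1.1\" 200 body={\"topicurl\":\"setNoticeCfg\",\"IpFrom\":\"1.1.1.1;id\"}",
};
#define N_SAMPLE (sizeof SAMPLE_LOG / sizeof SAMPLE_LOG[0])

/* Pull the topicurl value out of either form: topicurl=X (query string) or
 * "topicurl":"X" (JSON body). Handler names are [A-Za-z0-9_], so stop there. */
static int extract_topicurl(const char *line, char *out, size_t cap)
{
    const char *p = strstr(line, "topicurl");
    size_t n = 0;
    if (!p) return 0;
    p += strlen("topicurl");
    while (*p == '"' || *p == '=' || *p == ':' || *p == ' ') p++;
    while (*p && (isalnum((unsigned char)*p) || *p == '_') && n + 1 < cap)
        out[n++] = *p++;
    out[n] = '\0';
    return n > 0;
}

/* Index into WATCHED_TOPICS if the line is a cstecgi.cgi request for a
 * watched handler, else -1. */
static int classify_line(const char *line)
{
    char topic[64];
    if (!strstr(line, "cstecgi.cgi") || !extract_topicurl(line, topic, sizeof topic))
        return -1;
    for (size_t i = 0; i < N_WATCHED; i++)
        if (strcmp(topic, WATCHED_TOPICS[i]) == 0)
            return (int)i;
    return -1;
}

/* Number of lines in the batch that hit a watched handler. */
static int count_hits(const char *const *lines, size_t n)
{
    int hits = 0;
    for (size_t i = 0; i < n; i++)
        if (classify_line(lines[i]) >= 0)
            hits++;
    return hits;
}

int main(void)
{
    for (size_t i = 0; i < N_SAMPLE; i++) {
        int k = classify_line(SAMPLE_LOG[i]);
        if (k >= 0)
            printf("ALERT topicurl=%s : %s\n", WATCHED_TOPICS[k], SAMPLE_LOG[i]);
    }
    printf("%d of %zu lines flagged\n", count_hits(SAMPLE_LOG, N_SAMPLE), N_SAMPLE);
    return 0;
}
```

Two caveats when lifting this into a real rule: the POST-body form is only visible if whatever produces the log captures request bodies, so a proxy that logs request lines alone will only catch the query-string form; and the match is exact and case-sensitive, so URL-encoded or differently-cased variants need to be normalised before comparison.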