Totolink Nr1800X vulnerabilities

5 known vulnerabilities affecting totolink/nr1800x.

Total CVEs
5
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH1MEDIUM3

Vulnerabilities

Page 1 of 1
CVE-2026-5030MEDIUMCVSS 5.3v9.1.0u.6279_B202109102026-03-29
CVE-2026-5030 [MEDIUM] CWE-74 CVE-2026-5030: A vulnerability has been found in Totolink NR1800X 9.1.0u.6279_B20210910. This issue affects the fun A vulnerability has been found in Totolink NR1800X 9.1.0u.6279_B20210910. This issue affects the function NTPSyncWithHost of the file /cgi-bin/cstecgi.cgi of the component Telnet Service. The manipulation of the argument host_time leads to command injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be u
cvelistv5nvd
CVE-2026-1328HIGHCVSS 7.4v9.1.0u.6279_B202109102026-01-22
CVE-2026-1328 [HIGH] CWE-119 CVE-2026-1328: A vulnerability was detected in Totolink NR1800X 9.1.0u.6279_B20210910. Impacted is the function set A vulnerability was detected in Totolink NR1800X 9.1.0u.6279_B20210910. Impacted is the function setWizardCfg of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. Performing a manipulation of the argument ssid results in buffer overflow. The attack may be initiated remotely. The exploit is now public and may be used.
cvelistv5nvd
CVE-2026-1327MEDIUMCVSS 5.3v9.1.0u.6279_B202109102026-01-22
CVE-2026-1327 [MEDIUM] CWE-74 CVE-2026-1327: A security vulnerability has been detected in Totolink NR1800X 9.1.0u.6279_B20210910. This issue aff A security vulnerability has been detected in Totolink NR1800X 9.1.0u.6279_B20210910. This issue affects the function setTracerouteCfg of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. Such manipulation of the argument command leads to command injection. The attack can be launched remotely. The exploit has been disclosed publicly
cvelistv5nvd
CVE-2026-1326MEDIUMCVSS 5.3v9.1.0u.6279_B202109102026-01-22
CVE-2026-1326 [MEDIUM] CWE-74 CVE-2026-1326: A weakness has been identified in Totolink NR1800X 9.1.0u.6279_B20210910. This vulnerability affects A weakness has been identified in Totolink NR1800X 9.1.0u.6279_B20210910. This vulnerability affects the function setWanCfg of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. This manipulation of the argument Hostname causes command injection. The attack can be initiated remotely. The exploit has been made available to the public a
cvelistv5nvd
CVE-2023-7220CRITICALCVSS 9.8v9.1.0u.6279_B202109102024-01-09
CVE-2023-7220 [CRITICAL] CWE-121 CVE-2023-7220: A vulnerability was found in Totolink NR1800X 9.1.0u.6279_B20210910 and classified as critical. Affe A vulnerability was found in Totolink NR1800X 9.1.0u.6279_B20210910 and classified as critical. Affected by this issue is the function loginAuth of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument password leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be
cvelistv5nvd