Totolink T10 Firmware vulnerabilities

CVE-2025-14964 [CRITICAL] CWE-119 CVE-2025-14964: A vulnerability has been found in TOTOLINK T10 4.1.8cu.5083_B20200521. This affects the function spr A vulnerability has been found in TOTOLINK T10 4.1.8cu.5083_B20200521. This affects the function sprintf of the file /cgi-bin/cstecgi.cgi. Such manipulation of the argument loginAuthUrl leads to stack-based buffer overflow. The attack may be performed from remote.

CVE-2025-9533 [MEDIUM] CWE-287 CVE-2025-9533: A vulnerability has been found in TOTOLINK T10 4.1.8cu.5241_B20210927. Affected is an unknown functi A vulnerability has been found in TOTOLINK T10 4.1.8cu.5241_B20210927. Affected is an unknown function of the file /formLoginAuth.htm. The manipulation of the argument authCode with the input 1 leads to improper authentication. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

CVE-2025-44655 [CRITICAL] CWE-266 CVE-2025-44655: In TOTOLink A7100RU V7.4, A950RG V5.9, and T10 V5.9, the chroot_local_user option is enabled in the In TOTOLink A7100RU V7.4, A950RG V5.9, and T10 V5.9, the chroot_local_user option is enabled in the vsftpd.conf. This could lead to unauthorized access to system files, privilege escalation, or use of the compromised server as a pivot point for internal network attacks.

CVE-2025-6138 [HIGH] CWE-119 CVE-2025-6138: A vulnerability classified as critical was found in TOTOLINK T10 4.1.8cu.5207. Affected by this vuln A vulnerability classified as critical was found in TOTOLINK T10 4.1.8cu.5207. Affected by this vulnerability is the function setWizardCfg of the file /cgi-bin/cstecgi.cgi of the component HTTP POST Request Handler. The manipulation of the argument ssid5g leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to th

CVE-2025-6137 [HIGH] CWE-119 CVE-2025-6137: A vulnerability classified as critical has been found in TOTOLINK T10 4.1.8cu.5207. Affected is the A vulnerability classified as critical has been found in TOTOLINK T10 4.1.8cu.5207. Affected is the function setWiFiScheduleCfg of the file /cgi-bin/cstecgi.cgi of the component HTTP POST Request Handler. The manipulation of the argument desc leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the pub

CVE-2025-6139 [LOW] CWE-255 CVE-2025-6139: A vulnerability, which was classified as problematic, has been found in TOTOLINK T10 4.1.8cu.5207. A A vulnerability, which was classified as problematic, has been found in TOTOLINK T10 4.1.8cu.5207. Affected by this issue is some unknown functionality of the file /etc/shadow.sample. The manipulation leads to use of hard-coded password. The attack can only be initiated within the local network. The complexity of an attack is rather high. The exploitatio

CVE-2025-5904 [HIGH] CWE-119 CVE-2025-5904: A vulnerability was found in TOTOLINK T10 4.1.8cu.5207. It has been declared as critical. Affected b A vulnerability was found in TOTOLINK T10 4.1.8cu.5207. It has been declared as critical. Affected by this vulnerability is the function setWiFiMeshName of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. The manipulation of the argument device_name leads to buffer overflow. The attack can be launched remotely. The exploit has been d

CVE-2025-5903 [HIGH] CWE-119 CVE-2025-5903: A vulnerability was found in TOTOLINK T10 4.1.8cu.5207. It has been classified as critical. Affected A vulnerability was found in TOTOLINK T10 4.1.8cu.5207. It has been classified as critical. Affected is the function setWiFiAclRules of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. The manipulation of the argument desc leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the pu

CVE-2025-5905 [HIGH] CWE-119 CVE-2025-5905: A vulnerability was found in TOTOLINK T10 4.1.8cu.5207. It has been rated as critical. Affected by t A vulnerability was found in TOTOLINK T10 4.1.8cu.5207. It has been rated as critical. Affected by this issue is the function setWiFiRepeaterCfg of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. The manipulation of the argument Password leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to

CVE-2025-5902 [HIGH] CWE-119 CVE-2025-5902: A vulnerability was found in TOTOLINK T10 4.1.8cu.5207 and classified as critical. This issue affect A vulnerability was found in TOTOLINK T10 4.1.8cu.5207 and classified as critical. This issue affects the function setUpgradeFW of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. The manipulation of the argument slaveIpList leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public a

CVE-2025-5901 [HIGH] CWE-119 CVE-2025-5901: A vulnerability has been found in TOTOLINK T10 4.1.8cu.5207 and classified as critical. This vulnera A vulnerability has been found in TOTOLINK T10 4.1.8cu.5207 and classified as critical. This vulnerability affects the function UploadCustomModule of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. The manipulation of the argument File leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to

CVE-2025-4496 [HIGH] CWE-119 CVE-2025-4496: A vulnerability was found in TOTOLINK T10, A3100R, A950RG, A800R, N600R, A3000RU and A810R 4.1.8cu.5 A vulnerability was found in TOTOLINK T10, A3100R, A950RG, A800R, N600R, A3000RU and A810R 4.1.8cu.5241_B20210927. It has been declared as critical. This vulnerability affects the function CloudACMunualUpdate of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument FileName leads to buffer overflow. The attack can be initiated remotely. The ex

CVE-2024-9001 [MEDIUM] CWE-78 CVE-2024-9001: A vulnerability was found in TOTOLINK T10 4.1.8cu.5207. It has been declared as critical. This vulne A vulnerability was found in TOTOLINK T10 4.1.8cu.5207. It has been declared as critical. This vulnerability affects the function setTracerouteCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument command leads to os command injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. T

CVE-2024-8573 [HIGH] CWE-119 CVE-2024-8573: A vulnerability, which was classified as critical, was found in TOTOLINK AC1200 T8 and AC1200 T10 4. A vulnerability, which was classified as critical, was found in TOTOLINK AC1200 T8 and AC1200 T10 4.1.5cu.861_B20230220/4.1.8cu.5207. This affects the function setParentalRules of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument desc/week/sTime/eTime leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has

CVE-2024-8577 [HIGH] CWE-120 CVE-2024-8577: A vulnerability was found in TOTOLINK AC1200 T8 and AC1200 T10 4.1.5cu.861_B20230220/4.1.8cu.5207. I A vulnerability was found in TOTOLINK AC1200 T8 and AC1200 T10 4.1.5cu.861_B20230220/4.1.8cu.5207. It has been declared as critical. Affected by this vulnerability is the function setStaticDhcpRules of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument desc leads to buffer overflow. The attack can be launched remotely. The exploit has been

CVE-2024-8576 [HIGH] CWE-120 CVE-2024-8576: A vulnerability was found in TOTOLINK AC1200 T8 and AC1200 T10 4.1.5cu.861_B20230220/4.1.8cu.5207. I A vulnerability was found in TOTOLINK AC1200 T8 and AC1200 T10 4.1.5cu.861_B20230220/4.1.8cu.5207. It has been classified as critical. Affected is the function setIpPortFilterRules of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument desc leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed

CVE-2024-8162 [CRITICAL] CWE-798 CVE-2024-8162: A vulnerability classified as critical has been found in TOTOLINK T10 AC1200 4.1.8cu.5207. Affected A vulnerability classified as critical has been found in TOTOLINK T10 AC1200 4.1.8cu.5207. Affected is an unknown function of the file /squashfs-root/web_cste/cgi-bin/product.ini of the component Telnet Service. The manipulation leads to hard-coded credentials. It is possible to launch the attack remotely. The exploit has been disclosed to the public

CVE-2022-25132 [CRITICAL] CWE-77 CVE-2022-25132: A command injection vulnerability in the function meshSlaveDlfw of TOTOLINK Technology router T6 V3_ A command injection vulnerability in the function meshSlaveDlfw of TOTOLINK Technology router T6 V3_Firmware T6_V3_V4.1.5cu.748_B20211015 allows attackers to execute arbitrary commands via a crafted MQTT packet.

CVE-2022-25137 [CRITICAL] CWE-77 CVE-2022-25137: A command injection vulnerability in the function recvSlaveUpgstatus of TOTOLINK Technology routers A command injection vulnerability in the function recvSlaveUpgstatus of TOTOLINK Technology routers T6 V3_Firmware T6_V3_V4.1.5cu.748_B20211015 and T10 V2_Firmware V4.1.8cu.5207_B20210320 allows attackers to execute arbitrary commands via a crafted MQTT packet.

CVE-2022-25130 [CRITICAL] CWE-77 CVE-2022-25130: A command injection vulnerability in the function updateWifiInfo of TOTOLINK Technology routers T6 V A command injection vulnerability in the function updateWifiInfo of TOTOLINK Technology routers T6 V3_Firmware T6_V3_V4.1.5cu.748_B20211015 and T10 V2_Firmware V4.1.8cu.5207_B20210320 allows attackers to execute arbitrary commands via a crafted MQTT packet.