Vulnerabilities
Vulnerable Software
Totolink:  >> N600r  Security Vulnerabilities
Buffer Overflow vulnerability in TOTOLINK N600R v4.3.0cu.7866_B2022506 allows a remote attacker to execute arbitrary code via the UPLOAD_FILENAME component
CVSS Score
9.8
EPSS Score
0.006
Published
2025-06-13
A vulnerability was found in TOTOLINK T10, A3100R, A950RG, A800R, N600R, A3000RU and A810R 4.1.8cu.5241_B20210927. It has been declared as critical. This vulnerability affects the function CloudACMunualUpdate of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument FileName leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
CVSS Score
8.8
EPSS Score
0.002
Published
2025-05-10
TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the pin parameter in the function setWiFiWpsConfig.
CVSS Score
4.6
EPSS Score
0.001
Published
2025-04-15
Totolink N600R v4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the macCloneMac parameter in the setWanConfig function.
CVSS Score
9.8
EPSS Score
0.003
Published
2025-04-15
TOTOLINK A3700R V9.1.2u.6134_B20201202 and N600R V5.3c.5137 are vulnerable to Incorrect Access Control.
CVSS Score
9.8
EPSS Score
0.001
Published
2023-09-25
TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a hardcoded password for root at /etc/shadow.sample.
CVSS Score
7.8
EPSS Score
0.0
Published
2022-08-29
TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the comment parameter in the function FUN_004200c8.
CVSS Score
9.8
EPSS Score
0.005
Published
2022-05-10
TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the comment parameter in the function FUN_00418c24.
CVSS Score
9.8
EPSS Score
0.005
Published
2022-05-10
TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the comment parameter in the function FUN_004192cc.
CVSS Score
9.8
EPSS Score
0.005
Published
2022-05-10
TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the macAddress parameter in the function FUN_0041b448.
CVSS Score
9.8
EPSS Score
0.005
Published
2022-05-10


Contact Us

Shodan ® - All rights reserved