Shodan
Vulnerabilities
Vulnerable Software
Totolink:  >> A7000r Firmware  >> 9.1.0u.6115_b20201022  Security Vulnerabilities
CVE-2025-63153
TOTOLink A7000R V9.1.0u.6115_B20201022 was discovered to contain a stack overflow in the ssid parameter of the urldecode function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.
CVSS Score
7.5
EPSS Score
0.002
Published
2025-11-10
CVE-2025-63154
TOTOLink A7000R V9.1.0u.6115_B20201022 was discovered to contain a stack overflow in the addEffect parameter of the urldecode function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.
CVSS Score
7.5
EPSS Score
0.002
Published
2025-11-10
CVE-2025-63459
Totolink A7000R v9.1.0u.6115_B20201022 was discovered to contain a stack overflow via the ssid5g parameter in the sub_421CF0 function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.
CVSS Score
7.5
EPSS Score
0.003
Published
2025-10-31
CVE-2025-63460
Totolink A7000R v9.1.0u.6115_B20201022 was discovered to contain a stack overflow via the ssid5g parameter in the sub_4222E0 function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.
CVSS Score
7.5
EPSS Score
0.003
Published
2025-10-31
CVE-2025-63461
Totolink A7000R v9.1.0u.6115_B20201022 was discovered to contain a stack overflow via the ssid5g parameter in the urldecode function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.
CVSS Score
7.5
EPSS Score
0.003
Published
2025-10-31
CVE-2025-63462
Totolink A7000R v9.1.0u.6115_B20201022 was discovered to contain a stack overflow via the wifiOff parameter in the sub_421A04 function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.
CVSS Score
7.5
EPSS Score
0.003
Published
2025-10-31
CVE-2025-51452
In TOTOLINK A7000R firmware 9.1.0u.6115_B20201022, an attacker can bypass login by sending a specific request through formLoginAuth.htm.
CVSS Score
9.8
EPSS Score
0.002
Published
2025-08-13
CVE-2024-28639
Buffer Overflow vulnerability in TOTOLink X5000R V9.1.0u.6118-B20201102 and A7000R V9.1.0u.6115-B20201022, allow remote attackers to execute arbitrary code and cause a denial of service (DoS) via the IP field.
CVSS Score
9.8
EPSS Score
0.035
Published
2024-03-16
CVE-2024-28640
Buffer Overflow vulnerability in TOTOLink X5000R V9.1.0u.6118-B20201102 and A7000R V9.1.0u.6115-B20201022 allows a remote attacker to cause a denial of service (D0S) via the command field.
CVSS Score
7.5
EPSS Score
0.005
Published
2024-03-16
CVE-2023-49417
TOTOLink A7000R V9.1.0u.6115_B20201022 has a stack overflow vulnerability via setOpModeCfg.
CVSS Score
9.8
EPSS Score
0.001
Published
2023-12-11


Products
Pricing
Contact Us

Shodan ® - All rights reserved