Shodan
Vulnerabilities
Vulnerable Software
Totolink:  >> N600r Firmware  >> 4.3.0cu.7647_b20210106  Security Vulnerabilities
CVE-2025-11444
A security vulnerability has been detected in TOTOLINK N600R up to 4.3.0cu.7866_B20220506. This impacts the function setWiFiBasicConfig of the file /cgi-bin/cstecgi.cgi of the component HTTP Request Handler. Such manipulation of the argument wepkey leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed publicly and may be used.
CVSS Score
8.8
EPSS Score
0.001
Published
2025-10-08
CVE-2025-51390
TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a command injection vulnerability via the pin parameter in the setWiFiWpsConfig function.
CVSS Score
9.8
EPSS Score
0.044
Published
2025-08-04
CVE-2025-22903
TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the pin parameter in the function setWiFiWpsConfig.
CVSS Score
4.6
EPSS Score
0.001
Published
2025-04-15
CVE-2025-22900
Totolink N600R v4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the macCloneMac parameter in the setWanConfig function.
CVSS Score
9.8
EPSS Score
0.003
Published
2025-04-15
CVE-2023-43141
TOTOLINK A3700R V9.1.2u.6134_B20201202 and N600R V5.3c.5137 are vulnerable to Incorrect Access Control.
CVSS Score
9.8
EPSS Score
0.001
Published
2023-09-25
CVE-2022-36613
TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a hardcoded password for root at /etc/shadow.sample.
CVSS Score
7.8
EPSS Score
0.001
Published
2022-08-29
CVE-2022-29391
TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the comment parameter in the function FUN_004200c8.
CVSS Score
9.8
EPSS Score
0.005
Published
2022-05-10
CVE-2022-29392
TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the comment parameter in the function FUN_00418c24.
CVSS Score
9.8
EPSS Score
0.005
Published
2022-05-10
CVE-2022-29393
TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the comment parameter in the function FUN_004192cc.
CVSS Score
9.8
EPSS Score
0.005
Published
2022-05-10
CVE-2022-29394
TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the macAddress parameter in the function FUN_0041b448.
CVSS Score
9.8
EPSS Score
0.005
Published
2022-05-10


Products
Pricing
Contact Us

Shodan ® - All rights reserved