Vulnerabilities > Totolink > Medium

DATE CVE VULNERABILITY TITLE RISK
2025-05-05 CVE-2025-4271 Improper Access Control vulnerability in Totolink A720R Firmware 4.1.5Cu.374
A vulnerability was found in TOTOLINK A720R 4.1.5cu.374.
network
low complexity
totolink CWE-284
5.3
2025-05-05 CVE-2025-4268 Missing Authentication for Critical Function vulnerability in Totolink A720R Firmware 4.1.5Cu.374
A vulnerability has been found in TOTOLINK A720R 4.1.5cu.374 and classified as critical.
network
low complexity
totolink CWE-306
5.3
2025-05-05 CVE-2025-4269 Incorrect Privilege Assignment vulnerability in Totolink A720R Firmware 4.1.5Cu.374
A vulnerability was found in TOTOLINK A720R 4.1.5cu.374 and classified as critical.
network
low complexity
totolink CWE-266
5.3
2025-04-16 CVE-2025-3675 Incorrect Privilege Assignment vulnerability in Totolink A3700R Firmware 9.1.2U.5822B20200513
A vulnerability was found in TOTOLINK A3700R 9.1.2u.5822_B20200513.
network
low complexity
totolink CWE-266
5.3
2025-04-16 CVE-2025-3667 Incorrect Privilege Assignment vulnerability in Totolink A3700R Firmware 9.1.2U.5822B20200513
A vulnerability was found in TOTOLINK A3700R 9.1.2u.5822_B20200513.
network
low complexity
totolink CWE-266
5.3
2025-04-16 CVE-2025-3668 Incorrect Privilege Assignment vulnerability in Totolink A3700R Firmware 9.1.2U.5822B20200513
A vulnerability was found in TOTOLINK A3700R 9.1.2u.5822_B20200513.
network
low complexity
totolink CWE-266
5.3
2025-04-16 CVE-2025-3666 Incorrect Privilege Assignment vulnerability in Totolink A3700R Firmware 9.1.2U.5822B20200513
A vulnerability was found in TOTOLINK A3700R 9.1.2u.5822_B20200513 and classified as critical.
network
low complexity
totolink CWE-266
5.3
2024-07-30 CVE-2024-7216 Unspecified vulnerability in Totolink Lr1200 Firmware 9.3.1Cu.2832
A vulnerability was found in TOTOLINK LR1200 9.3.1cu.2832.
network
high complexity
totolink
5.3
2024-07-28 CVE-2024-7155 Use of Hard-coded Credentials vulnerability in Totolink A3300R Firmware 17.0.0Cu.557B20221024
A vulnerability has been found in TOTOLINK A3300R 17.0.0cu.557_B20221024 and classified as problematic.
local
high complexity
totolink CWE-798
4.7
2024-03-20 CVE-2024-29419 Cross-site Scripting vulnerability in Totolink X2000R Firmware 1.0.0B20221212.1452/1.0.0B20230221.0948/1.0.0B20230221.0948.Web
There is a Cross-site scripting (XSS) vulnerability in the Wireless settings under the Easy Setup Page of TOTOLINK X2000R before v1.0.0-B20231213.1013.
network
low complexity
totolink CWE-79
5.4