Totolink A720r_firmware
28 CVEs affecting Totolink A720r_firmware. Latest disclosed: 2025-11-13. Critical: 8, High: 10.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2023-23064 | Critical | 9.8 | 2023-02-17 | TOTOLINK A720R V4.1.5cu.532_ B20210610 is vulnerable to Incorrect Access Control. |
CVE-2021-45742 | Critical | 9.8 | 2022-02-04 | TOTOLINK A720R v4.1.5cu.470_B20200911 was discovered to contain a command injection vulnerability in the "Main" function. This vulnerability allows attackers t… |
CVE-2021-45740 | Critical | 9.8 | 2022-02-04 | TOTOLINK A720R v4.1.5cu.470_B20200911 was discovered to contain a stack overflow in the setWiFiWpsStart function. This vulnerability allows attackers to cause… |
CVE-2021-44247 | Critical | 9.8 | 2022-02-04 | Totolink devices A3100R v4.1.2cu.5050_B20200504, A830R v5.9c.4729_B20191112, and A720R v4.1.5cu.470_B20200911 were discovered to contain command injection vuln… |
CVE-2021-35327 | Critical | 9.8 | 2021-08-05 | A vulnerability in TOTOLINK A720R A720R_Firmware v4.1.5cu.470_B20200911 allows attackers to start the Telnet service, then login with the default credentials v… |
CVE-2021-35324 | Critical | 9.8 | 2021-08-05 | A vulnerability in the Form_Login function of TOTOLINK A720R A720R_Firmware V4.1.5cu.470_B20200911 allows attackers to bypass authentication. |
CVE-2021-27710 | Critical | 9.8 | 2021-04-14 | Command Injection in TOTOLINK X5000R router with firmware v9.1.0u.6118_B20201102, and TOTOLINK A720R router with firmware v4.1.5cu.470_B20200911 allows remote… |
CVE-2021-27708 | Critical | 9.8 | 2021-04-14 | Command Injection in TOTOLINK X5000R router with firmware v9.1.0u.6118_B20201102, and TOTOLINK A720R router with firmware v4.1.5cu.470_B20200911 allows remote… |
CVE-2025-9303 | High | 8.8 | 2025-08-21 | A security flaw has been discovered in TOTOLINK A720R 4.1.5cu.630_B20250509. This issue affects the function setParentalRules of the file /cgi-bin/cstecgi.cgi… |
CVE-2022-36610 | High | 7.8 | 2022-08-29 | TOTOLINK A720R V4.1.5cu.532_B20210610 was discovered to contain a hardcoded password for root at /etc/shadow.sample. |
CVE-2022-36456 | High | 7.8 | 2022-08-25 | TOTOLink A720R V4.1.5cu.532_B20210610 was discovered to contain a command injection vulnerability via the username parameter in /cstecgi.cgi. |
CVE-2021-45739 | High | 7.5 | 2022-02-04 | TOTOLINK A720R v4.1.5cu.470_B20200911 was discovered to contain a stack overflow in the Form_Login function. This vulnerability allows attackers to cause a Den… |
CVE-2021-45737 | High | 7.5 | 2022-02-04 | TOTOLINK A720R v4.1.5cu.470_B20200911 was discovered to contain a stack overflow in the Form_Login function. This vulnerability allows attackers to cause a Den… |
CVE-2021-44246 | High | 7.5 | 2022-02-04 | Totolink devices A3100R v4.1.2cu.5050_B20200504, A830R v5.9c.4729_B20191112, and A720R v4.1.5cu.470_B20200911 were discovered to contain a stack overflow in th… |
CVE-2021-35326 | High | 7.5 | 2021-08-05 | A vulnerability in TOTOLINK A720R router with firmware v4.1.5cu.470_B20200911 allows attackers to download the configuration file via sending a crafted HTTP re… |
CVE-2021-35325 | High | 7.5 | 2021-08-05 | A stack overflow in the checkLoginUser function of TOTOLINK A720R A720R_Firmware v4.1.5cu.470_B20200911 allows attackers to cause a denial of service (DOS). |
CVE-2022-38535 | High | 7.2 | 2022-09-15 | TOTOLINK-720R v4.1.5cu.374 was discovered to contain a remote code execution (RCE) vulnerability via the setTracerouteCfg function. |
CVE-2022-38534 | High | 7.2 | 2022-09-15 | TOTOLINK-720R v4.1.5cu.374 was discovered to contain a remote code execution (RCE) vulnerability via the setdiagnosicfg function. |
CVE-2025-60683 | Medium | 6.5 | 2025-11-13 | A command injection vulnerability exists in the ToToLink A720R Router firmware V4.1.5cu.614_B20230630 within the sysconf binary, specifically in the sub_40BFA4… |
CVE-2025-60682 | Medium | 6.5 | 2025-11-13 | A command injection vulnerability exists in the ToToLink A720R Router firmware V4.1.5cu.614_B20230630 within the cloudupdate_check binary, specifically in the… |