Totolink T6_firmware
39 CVEs affecting Totolink T6_firmware. Latest disclosed: 2025-07-25. Critical: 14, High: 18.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2023-7221 | Critical | 9.8 | 2024-01-09 | A vulnerability was found in Totolink T6 4.1.9cu.5241_B20210923. It has been classified as critical. This affects the function main of the file /cgi-bin/cstecg… |
CVE-2022-38828 | Critical | 9.8 | 2022-09-16 | TOTOLINK T6 V4.1.5cu.709_B20210518 is vulnerable to command injection via cstecgi.cgi |
CVE-2022-38827 | Critical | 9.8 | 2022-09-16 | TOTOLINK T6 V4.1.5cu.709_B20210518 is vulnerable to Buffer Overflow via cstecgi.cgi |
CVE-2022-38826 | Critical | 9.8 | 2022-09-16 | In TOTOLINK T6 V4.1.5cu.709_B20210518, there is an execute arbitrary command in cstecgi.cgi. |
CVE-2022-38823 | Critical | 9.8 | 2022-09-16 | In TOTOLINK T6 V4.1.5cu.709_B20210518, there is a hard coded password for root in /etc/shadow.sample. |
CVE-2022-25084 | Critical | 9.8 | 2022-02-24 | TOTOLink T6 V5.9c.4085_B20190428 was discovered to contain a command injection vulnerability in the "Main" function. This vulnerability allows attackers to exe… |
CVE-2022-25137 | Critical | 9.8 | 2022-02-19 | A command injection vulnerability in the function recvSlaveUpgstatus of TOTOLINK Technology routers T6 V3_Firmware T6_V3_V4.1.5cu.748_B20211015 and T10 V2_Firm… |
CVE-2022-25136 | Critical | 9.8 | 2022-02-19 | A command injection vulnerability in the function meshSlaveUpdate of TOTOLINK Technology routers T6 V3_Firmware T6_V3_V4.1.5cu.748_B20211015 and T10 V2_Firmwar… |
CVE-2022-25135 | Critical | 9.8 | 2022-02-19 | A command injection vulnerability in the function recv_mesh_info_sync of TOTOLINK Technology router T6 V3_Firmware T6_V3_V4.1.5cu.748_B20211015 allows attacker… |
CVE-2022-25134 | Critical | 9.8 | 2022-02-19 | A command injection vulnerability in the function setUpgradeFW of TOTOLINK Technology router T6 V3_Firmware T6_V3_V4.1.5cu.748_B20211015 allows attackers to ex… |
CVE-2022-25133 | Critical | 9.8 | 2022-02-19 | A command injection vulnerability in the function isAssocPriDevice of TOTOLINK Technology router T6 V3_Firmware T6_V3_V4.1.5cu.748_B20211015 allows attackers t… |
CVE-2022-25132 | Critical | 9.8 | 2022-02-19 | A command injection vulnerability in the function meshSlaveDlfw of TOTOLINK Technology router T6 V3_Firmware T6_V3_V4.1.5cu.748_B20211015 allows attackers to e… |
CVE-2022-25131 | Critical | 9.8 | 2022-02-19 | A command injection vulnerability in the function recvSlaveCloudCheckStatus of TOTOLINK Technology routers T6 V3_Firmware T6_V3_V4.1.5cu.748_B20211015 and T10… |
CVE-2022-25130 | Critical | 9.8 | 2022-02-19 | A command injection vulnerability in the function updateWifiInfo of TOTOLINK Technology routers T6 V3_Firmware T6_V3_V4.1.5cu.748_B20211015 and T10 V2_Firmware… |
CVE-2025-8170 | High | 8.8 | 2025-07-25 | A vulnerability classified as critical was found in TOTOLINK T6 4.1.5cu.748_B20211015. This vulnerability affects the function tcpcheck_net of the file /router… |
CVE-2025-7913 | High | 8.8 | 2025-07-21 | A vulnerability, which was classified as critical, was found in TOTOLINK T6 4.1.5cu.748_B20211015. Affected is the function updateWifiInfo of the component MQT… |
CVE-2025-7912 | High | 8.8 | 2025-07-20 | A vulnerability, which was classified as critical, has been found in TOTOLINK T6 4.1.5cu.748_B20211015. This issue affects the function recvSlaveUpgstatus of t… |
CVE-2025-7837 | High | 8.8 | 2025-07-19 | A vulnerability was found in TOTOLINK T6 4.1.5cu.748_B20211015 and classified as critical. Affected by this issue is the function recvSlaveStaInfo of the compo… |
CVE-2025-7758 | High | 8.8 | 2025-07-17 | A vulnerability, which was classified as critical, has been found in TOTOLINK T6 up to 4.1.5cu.748_B20211015. Affected by this issue is the function setDiagnos… |
CVE-2025-7460 | High | 8.8 | 2025-07-11 | A vulnerability has been found in TOTOLINK T6 4.1.5cu.748_B20211015 and classified as critical. Affected by this vulnerability is the function setWiFiAclRules… |