| Metric | Value |
|---|---|
| CVEs | 120 |
| Critical | 16 |
| High | 79 |
| KEV (CISA Known Exploited Vulnerabilities) | 0 |
| PoC (CVEs with a public proof of concept) | 99 |
| Unpatched Critical/High | 95 |
| Patch Rate | 0.0% |
| Avg EPSS | 1.4% |
Severity Breakdown

| Severity | Count |
|---|---|
| CRITICAL | 16 |
| HIGH | 79 |
| MEDIUM | 18 |
| LOW | 7 |
| Total | 120 |
Monthly CVE Trend (chart only; monthly counts not captured in this extract)
Affected Products (30)

| Product (firmware) | CVEs |
|---|---|
| A3002R | 45 |
| A3002RU | 23 |
| EX1200T | 22 |
| A702R | 22 |
| A950RG | 21 |
| X15 | 20 |
| A3100R | 16 |
| A810R | 14 |
| A3000RU | 13 |
| N150RT | 13 |
| A800R | 12 |
| CA600 PoE | 10 |
| A830R | 10 |
| A720R | 9 |
| T10 | 8 |
| A3700R | 8 |
| NR1800X | 8 |
| EX1800T | 7 |
| X6000R | 7 |
| X18 | 7 |
| N600R | 6 |
| X5000R | 5 |
| CA300 PoE | 4 |
| CP900 | 4 |
| LR1200GB | 4 |
| N300RH | 4 |
| X2000R | 3 |
| A7000R | 3 |
| N302R Plus | 2 |
| T6 | 1 |
Top Risky CVEs
| CVE | Summary | Severity | CVSS | EPSS | Priority | Signals |
|---|---|---|---|---|---|---|
| CVE-2025-52053 | TOTOLINK X6000R firmware V9.4.0cu.1360_B20241207: unauthenticated command injection in the sub_417D74 function via the file_name parameter. A crafted HTTP request executes arbitrary commands on the router with no credentials. | CRITICAL | 9.8 | 66.1% | 135 | PoC; No patch |
| CVE-2025-61045 | Command injection in TOTOLINK X18 via the mac parameter. | CRITICAL | 9.8 | 3.4% | 72 | PoC; No patch |
| CVE-2025-61044 | Command injection in TOTOLINK X18 via the agentName parameter of setEasyMeshAgentCfg. | CRITICAL | 9.8 | 2.7% | 72 | PoC; No patch |
| CVE-2025-70327 | Argument injection in the setDiagnosisCfg handler of TOTOLINK X5000R v9.1.0cu, giving unauthenticated remote code execution. | CRITICAL | 9.8 | 2.0% | 71 | PoC; No patch |
| CVE-2025-46060 | Unauthenticated buffer overflow in TOTOLINK N600R firmware v4.3.0cu.7866_B2022506 via the UPLOAD_FILENAME parameter. A remote attacker executes arbitrary code with no user interaction and fully compromises the device. No KEV listing or active-exploitation reports in the sources behind this page. | CRITICAL | 9.8 | 1.1% | 70 | PoC; No patch |
| CVE-2025-67186 | Buffer overflow in setUrlFilterRules on TOTOLINK A950RG; remote code execution through the router's management interface. | CRITICAL | 9.8 | 0.8% | 70 | PoC; No patch |
| CVE-2025-67188 | Buffer overflow in setRadvdCfg on TOTOLINK A950RG (IPv6 router-advertisement configuration), a third RCE vector alongside CVE-2025-67186 and CVE-2025-67187. | CRITICAL | 9.8 | 0.6% | 70 | PoC; No patch |
| CVE-2025-5600 | Buffer overflow in TOTOLINK EX1200T via setLanguageCfg. | CRITICAL | 9.8 | 0.5% | 70 | PoC; No patch |
| CVE-2025-67187 | Stack-based buffer overflow in a second CGI endpoint on TOTOLINK A950RG, another RCE vector. | CRITICAL | 9.8 | 0.2% | 69 | PoC; No patch |
| CVE-2025-70328 | OS command injection in TOTOLINK X6000R firmware versions up to 9.4.0cu.1498_b20250826. | HIGH | 8.8 | 2.9% | 67 | PoC; No patch |
| CVE-2025-52089 | A hidden remote-support feature in TOTOLINK N300RB firmware 8.54, protected only by a static secret, lets an authenticated attacker run arbitrary OS commands as root. The attack vector is adjacent network (AV:A), so exploitation needs a foothold on the LAN or Wi-Fi side. Not confirmed as exploited and not in CISA KEV, but a static secret guarding a hidden feature is trivial to abuse once known. | HIGH | 8.8 | 2.5% | 67 | PoC; No patch |
| CVE-2025-6393 | Buffer overflow in the HTTP POST request handler of TOTOLINK A702R, A3002R, A3002RU and EX1200T across multiple firmware versions. An authenticated attacker manipulates the submit-url parameter in a request to /boafrm/formIPv6Addr to gain remote code execution with full confidentiality, integrity and availability impact. The exploit has been publicly disclosed and may be used in the wild. | HIGH | 8.8 | 1.6% | 66 | PoC; No patch |
| CVE-2025-5503 | Buffer overflow; public PoC available. | HIGH | 8.8 | 0.7% | 65 | PoC; No patch |
| CVE-2025-5792 | Buffer overflow; public PoC available. | HIGH | 8.8 | 0.6% | 65 | PoC; No patch |
| CVE-2025-5902 | Buffer overflow in the setUpgradeFW function of the POST request handler in TOTOLINK T10 firmware 4.1.8cu.5207. An authenticated remote attacker supplies an unvalidated slaveIpList parameter to fully compromise the device (high confidentiality, integrity and availability impact); public exploit code exists. | HIGH | 8.8 | 0.6% | 65 | PoC; No patch |
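The two bug classes that fill this table are unbounded copies of a POST parameter into a fixed stack buffer (setLanguageCfg, formIPv6Addr/submit-url, setUpgradeFW/slaveIpList) and parameters spliced into a shell command (file_name, setDiagnosisCfg, setEasyMeshAgentCfg). The C below is an added illustration by the editor, not TOTOLINK firmware and not taken from any of the listed PoCs: the handler and parameter names are borrowed from the table only as labels, and the 32-byte buffer, the `rm -f /tmp/upload/%s` command line and the `fw.bin;telnetd ...` payload are constructed for the demo. Each vulnerable pattern sits beside a hardened form (explicit length rejection instead of silent truncation; a character allow-list before anything reaches a shell), plus a small triage helper that decides whether a logged parameter value would have reached either sink.

```c
/* Added illustration, not TOTOLINK's code. Handler and parameter names
 * (setLanguageCfg, file_name, slaveIpList) are borrowed from the table only
 * as labels; the buffer size, command line and payload are constructed. */
#include <ctype.h>
#include <stdio.h>
#include <string.h>

#define LANG_BUF 32          /* hypothetical fixed-size buffer in a CGI handler */
static char lang_buf[LANG_BUF];
static char cmd_buf[128];

/* Stack-overflow pattern (setLanguageCfg, formIPv6Addr, setUpgradeFW rows):
 * a POST parameter is copied into a fixed buffer with no length check, so
 * any value of LANG_BUF bytes or more smashes the stack. It is only ever
 * called with a short value here, so the demo itself does not overflow. */
int vulnerable_set_language(const char *lang)
{
    char buf[LANG_BUF];
    strcpy(buf, lang);              /* unbounded copy: the bug */
    return (int)strlen(buf);
}

/* Hardened form: refuse over-length input outright. Silent truncation with
 * strncpy/snprintf would keep the request "working" and hide the attempt. */
int hardened_set_language(const char *lang, char *out, size_t outlen)
{
    size_t n = strlen(lang);
    if (n >= outlen)
        return -1;                  /* would not fit with the terminator */
    memcpy(out, lang, n + 1);
    return (int)n;
}

/* Command-injection pattern (file_name, setDiagnosisCfg, setEasyMeshAgentCfg
 * rows): the parameter is spliced into a shell command line. This returns the
 * string a system() call would receive instead of executing it. */
int vulnerable_build_cmd(const char *file_name, char *cmd, size_t cmdlen)
{
    return snprintf(cmd, cmdlen, "rm -f /tmp/upload/%s", file_name);
}

/* Hardened form: allow-list the characters a file name may contain, so
 * ';', '|', '`', '$(...)', whitespace and '..' never reach a shell. Safer
 * still is to skip the shell and unlink() the validated path directly. */
int filename_is_safe(const char *s)
{
    size_t n = strlen(s);
    if (n == 0 || n > 64 || strstr(s, "..") != NULL)
        return 0;
    for (size_t i = 0; i < n; i++) {
        unsigned char c = (unsigned char)s[i];
        if (!(isalnum(c) || c == '.' || c == '_' || c == '-'))
            return 0;
    }
    return 1;
}

/* Triage helper for a request log or a front-end filter: would this
 * parameter value have reached one of the vulnerable sinks above? */
int request_is_malicious(const char *param, const char *value)
{
    if (strcmp(param, "lang") == 0)
        return strlen(value) >= LANG_BUF;
    if (strcmp(param, "file_name") == 0)
        return !filename_is_safe(value);
    return 0;
}

int main(void)
{
    /* constructed payload in the style of the command-injection rows */
    const char *inj = "fw.bin;telnetd -l /bin/sh -p 2323";

    vulnerable_build_cmd(inj, cmd_buf, sizeof cmd_buf);
    printf("shell would run : %s\n", cmd_buf);
    printf("filename_is_safe: %d\n", filename_is_safe(inj));
    printf("hardened copy of \"en\": %d\n",
           hardened_set_language("en", lang_buf, sizeof lang_buf));
    printf("vulnerable copy of \"en\": %d\n", vulnerable_set_language("en"));
    return 0;
}
```

The design choice worth copying is in `hardened_set_language`: it returns an error on over-length input rather than truncating, because a handler that quietly accepts a 4 KB `submit-url` and keeps it to 31 bytes still tells an attacker nothing went wrong and leaves no trace in the logs. Likewise `filename_is_safe` allow-lists rather than stripping `;` and `|`, since a deny-list misses `$( )`, backticks and newlines that the shell also honours.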