CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

CNVD•added 2025/11/18 12:0 a.m.•6 views

TOTOLINK A720R Command Injection Vulnerability (CNVD-2025-29711)

TOTOLINK A720R is a wireless router from China's Gion Electronics TOTOLINK with dual-band Wi-Fi capabilities, focusing on high-speed internet and signal coverage. The TOTOLINK A720R suffers from a command injection vulnerability that stems from insufficient validation of the sysconf binary when...

6.5CVSS7.7AI score0.06054EPSS

CNVD•added 2025/11/18 12:0 a.m.•1 views

TOTOLINK A720R Command Injection Vulnerability (CNVD-2025-29710)

TOTOLINK A720R is a wireless router from China's Gion Electronics TOTOLINK with dual-band Wi-Fi capabilities, focusing on high-speed internet and signal coverage. The TOTOLINK A720R suffers from a command injection vulnerability that stems from the unvalidated magicid and url parameters in the...

6.5CVSS7.8AI score0.00693EPSS

RedhatCVE•added 2025/11/14 12:1 a.m.•1 views

CVE-2025-60685

A stack buffer overflow exists in the ToToLink A720R Router firmware V4.1.5cu.614B20230630 within the sysconf binary sub401EE0 function. The binary reads the /proc/stat file using fgets into a local buffer and subsequently parses the line using sscanf into a single-byte variable with the %s forma...

5.1CVSS8AI score0.00026EPSS

EUVD•added 2025/11/13 6:31 p.m.•1 views

EUVD-2025-175311

5.1CVSS7.5AI score0.00026EPSS

NVD•added 2025/11/13 4:15 p.m.•1 views

CVE-2025-60683

A command injection vulnerability exists in the ToToLink A720R Router firmware V4.1.5cu.614B20230630 within the sysconf binary, specifically in the sub40BFA4 function that handles network interface reinitialization from '/var/system/linuxvlanreinit'. Input is only partially validated by checking...

6.5CVSS0.06054EPSS

NVD•added 2025/11/13 4:15 p.m.•1 views

CVE-2025-60685

5.1CVSS0.00026EPSS

Vulnrichment•added 2025/11/13 12:0 a.m.•1 views

CVE-2025-60683

7.8AI score0.06054EPSS

CVE•added 2025/11/13 12:0 a.m.•5 views

CVE-2025-60682

The connected CNVD/Red Hat/EUVD/NVD entries confirm CVE-2025-60682 affecting TOTOLINK A720R router firmware V4.1.5cu.614_B20230630, in the cloudupdate_check binary (sub_402414) where cloud update parameters are processed. User-controlled magicid and url are concatenated into shell commands and ex...

6.5CVSS8.1AI score0.00693EPSS

Exploits1References3Affected Software1

CNNVD•added 2025/11/13 12:0 a.m.•1 views

TOTOLINK A720R 安全漏洞

TOTOLINK A720R is a wireless router from China's Gion Electronics TOTOLINK with dual-band Wi-Fi capabilities, focusing on high-speed internet and signal coverage. The TOTOLINK A720R suffers from a command injection vulnerability that stems from the unvalidated magicid and url parameters in the...

6.5CVSS7.4AI score0.00693EPSS

Cvelist•added 2025/11/13 12:0 a.m.•3 views

CVE-2025-60685

0.00026EPSS

Positive Technologies•added 2025/11/13 12:0 a.m.•1 views

PT-2025-46843

A command injection vulnerability exists in the ToToLink A720R Router firmware V4.1.5cu.614 B20230630 within the cloudupdate check binary, specifically in the sub 402414 function that handles cloud update parameters. User-supplied 'magicid' and 'url' values are directly concatenated into shell...

8.5AI score0.00693EPSS

CNNVD•added 2025/11/13 12:0 a.m.•1 views

TOTOLINK A720R 安全漏洞

6.5CVSS7.4AI score0.06054EPSS