PT-2026-36751

A security vulnerability has been detected in Totolink WA300 5.2cu.7112 B20190227. This affects the function NTPSyncWithHost of the file /cgi-bin/cstecgi.cgi. Such manipulation of the argument hostTime leads to command injection. The attack can be executed remotely. The exploit has been disclosed...

CVE-2025-55901

TOTOLINK A3300R V17.0.0cu.596B20250515 is vulnerable to command injection in the function NTPSyncWithHost via the hosttime parameter...

PT-2025-51256

Name of the Vulnerable Software and Affected Versions TOTOLINK A3300R version V17.0.0cu.596 B20250515 Description The TOTOLINK A3300R router firmware contains a command injection flaw in the NTPSyncWithHost function. The issue is triggered through the host time parameter. This allows for potentia...

PT-2023-8034 · Totolink · Totolink Ex1800T

Name of the Vulnerable Software and Affected Versions: TOTOlink EX1800T version 9.1.0cu.2112 B20220316 Description: The issue concerns arbitrary command execution in the host time parameter of the NTPSyncWithHost interface of the cstecgi .cgi. This vulnerability exists due to the lack of measures...

TotoLink N600R 命令注入漏洞

TotoLink N600R is a wireless router from TotoLink, Taiwan, China. TotoLink N600R has a command injection vulnerability hole, which can be exploited by attackers via /setting/NTPSyncWithHost...

PT-2022-17728 · Totolink · Totolink A3100R +5

Name of the Vulnerable Software and Affected Versions: Totolink A830R version 5.9c.4729 B20191112 Totolink A3100R version 4.1.2cu.5050 B20200504 Totolink A950RG version 4.1.2cu.5161 B20200903 Totolink A800R version 4.1.2cu.5137 B20200730 Totolink A3000RU version 5.9c.5185 B20201128 Totolink A810R...