CVE-2021-45742

TOTOLINK A720R v4.1.5cu.470B20200911 was discovered to contain a command injection vulnerability in the "Main" function. This vulnerability allows attackers to execute arbitrary commands via the QUERYSTRING parameter...

TOTOLINK A800R Command Injection Vulnerability (CNVD-2025-09933)

TOTOLINK A800R is a wireless router from China's Gion Electronics TOTOLINK. The TOTOLINK A800R suffers from a command injection vulnerability that stems from the QUERYSTRING parameter in downloadFile.cgi failing to correctly filter constructed command special characters, commands, and so on. No...

CVE-2025-28017

TOTOLINK A800R V4.1.2cu.5032B20200408 is vulnerable to Command Injection in downloadFile.cgi via the QUERYSTRING parameter...

CVE-2025-28017

CVE-2025-28017 affects TOTOLINK A800R, version 4.1.2cu.5032_B20200408, with a Command Injection vulnerability in downloadFile.cgi exploitable via QUERY_STRING. Root cause per sources: failure to properly filter constructed command characters in that parameter. Impacts include potential remote com...

CVE-2022-27411

TOTOLINK N600R v5.3c.5507B20171031 was discovered to contain a command injection vulnerability via the QUERYSTRING parameter in the "Main" function...

Command injection

TOTOLINK N600R v5.3c.5507B20171031 was discovered to contain a command injection vulnerability via the QUERYSTRING parameter in the "Main" function...

TOTOLink A800R Command Injection Vulnerability

TOTOLink A800R is a wireless router from TotoLink, China.TOTOLink A800R V4.1.2cu.5137B20200730 is vulnerable to command injection, which can be exploited by attackers to execute arbitrary commands via the QUERYSTRING parameter...

TOTOLink A3600R Command Injection Vulnerability

TOTOLink A3600R is a wireless router from TotoLink, China.TOTOLink A3600R V4.1.2cu.5182B20201102 is vulnerable to command injection, which can be exploited by attackers to execute arbitrary commands via the QUERYSTRING parameter...

TOTOLink A830R Command Injection Vulnerability

TOTOLink A830R is a wireless dual-band router from TotoLink, China.TOTOLink A830R V5.9c.4729B20191112 is vulnerable to command injection, which can be exploited by attackers to execute arbitrary commands via the QUERYSTRING parameter...

TOTOLink T6 Command Injection Vulnerability (CNVD-2022-17105)

TOTOLink T6 is a wireless dual-band router from TotoLink, China.TOTOLink T6 V5.9c.4085B20190428 is vulnerable to command injection, which can be exploited by attackers to execute arbitrary commands via the QUERYSTRING parameter...

TOTOLink A3000RU Command Injection Vulnerability

TOTOLink A3000RU is a wireless router from TotoLink, China.TOTOLink A3000RU V5.9c.2280B20180512 is vulnerable to command injection, which can be exploited by attackers to execute arbitrary commands via the QUERYSTRING parameter...

TOTOLink A810R Command Injection Vulnerability

TOTOLink A810R is a wireless dual-band router from TotoLink, China.TOTOLink A810R V4.1.2cu.5182B20201026 is vulnerable to command injection, which can be exploited by attackers to execute arbitrary commands via the QUERYSTRING parameter...

TOTOLink A860R Command Injection Vulnerability

TOTOLink A860R is a wireless router from TotoLink, China.TOTOLink A860R V4.1.2cu.5182B20201027 is vulnerable to command injection, which can be exploited by attackers to execute arbitrary commands via the QUERYSTRING parameter...

TOTOLink A950RG Command Injection Vulnerability

TOTOLink A950RG is a wireless router from TotoLink, China.TOTOLink A950RG V5.9c.4050B20190424 and V4.1.2cu.5204B20210112 versions are vulnerable to command injection, which can be exploited by attackers to execute arbitrary commands via the QUERYSTRING parameter. to execute arbitrary commands...

CVE-2022-25077

TOTOLink A3100R V4.1.2cu.5050B20200504 was discovered to contain a command injection vulnerability in the "Main" function. This vulnerability allows attackers to execute arbitrary commands via the QUERYSTRING parameter...

CVE-2022-25078

TOTOLink A3600R V4.1.2cu.5182B20201102 was discovered to contain a command injection vulnerability in the "Main" function. This vulnerability allows attackers to execute arbitrary commands via the QUERYSTRING parameter...

CVE-2022-25082

TOTOLink A950RG V5.9c.4050B20190424 and V4.1.2cu.5204B20210112 were discovered to contain a command injection vulnerability in the "Main" function. This vulnerability allows attackers to execute arbitrary commands via the QUERYSTRING parameter...

CVE-2022-25081

TOTOLink T10 V5.9c.5061B20200511 was discovered to contain a command injection vulnerability in the "Main" function. This vulnerability allows attackers to execute arbitrary commands via the QUERYSTRING parameter...

CVE-2022-25083

TOTOLink A860R V4.1.2cu.5182B20201027 was discovered to contain a command injection vulnerability in the "Main" function. This vulnerability allows attackers to execute arbitrary commands via the QUERYSTRING parameter...

CVE-2022-25080

TOTOLink A830R V5.9c.4729B20191112 was discovered to contain a command injection vulnerability in the "Main" function. This vulnerability allows attackers to execute arbitrary commands via the QUERYSTRING parameter...