T10 Firmware Security Vulnerabilities and Issues — T10 Firmware CVE List

Lucene search

TotolinkT10 Firmware

8 matches found

CVE•added 2025/06/10 12:15 a.m.•57 views

CVE-2025-5903

A vulnerability was found in TOTOLINK T10 4.1.8cu.5207. It has been classified as critical. Affected is the function setWiFiAclRules of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. The manipulation of the argument desc leads to buffer overflow. It is possible to launch the a...

9CVSS8.9AI score0.00193EPSS

CVE•added 2025/06/10 12:15 a.m.•46 views

CVE-2025-5904

A vulnerability was found in TOTOLINK T10 4.1.8cu.5207. It has been declared as critical. Affected by this vulnerability is the function setWiFiMeshName of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. The manipulation of the argument device_name leads to buffer overflow. The...

9CVSS8.9AI score0.00193EPSS

CVE•added 2025/06/10 12:15 a.m.•44 views

CVE-2025-5905

A vulnerability was found in TOTOLINK T10 4.1.8cu.5207. It has been rated as critical. Affected by this issue is the function setWiFiRepeaterCfg of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. The manipulation of the argument Password leads to buffer overflow. The attack may...

9CVSS8.8AI score0.00193EPSS

CVE•added 2025/06/09 11:15 p.m.•43 views

CVE-2025-5901

A vulnerability has been found in TOTOLINK T10 4.1.8cu.5207 and classified as critical. This vulnerability affects the function UploadCustomModule of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. The manipulation of the argument File leads to buffer overflow. The attack can b...

9CVSS8.9AI score0.00193EPSS

CVE•added 2025/06/09 11:15 p.m.•43 views

CVE-2025-5902

A vulnerability was found in TOTOLINK T10 4.1.8cu.5207 and classified as critical. This issue affects the function setUpgradeFW of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. The manipulation of the argument slaveIpList leads to buffer overflow. The attack may be initiated ...

9CVSS8.9AI score0.00193EPSS

CVE•added 2025/06/16 9:15 p.m.•17 views

CVE-2025-6138

A vulnerability classified as critical was found in TOTOLINK T10 4.1.8cu.5207. Affected by this vulnerability is the function setWizardCfg of the file /cgi-bin/cstecgi.cgi of the component HTTP POST Request Handler. The manipulation of the argument ssid5g leads to buffer overflow. The attack can be...

9CVSS7.4AI score0.00192EPSS

CVE•added 2025/06/16 9:15 p.m.•15 views

CVE-2025-6139

A vulnerability, which was classified as problematic, has been found in TOTOLINK T10 4.1.8cu.5207. Affected by this issue is some unknown functionality of the file /etc/shadow.sample. The manipulation leads to use of hard-coded password. The attack can only be initiated within the local network. Th...

3.9CVSS4.2AI score0.00048EPSS

CVE•added 2025/06/16 8:15 p.m.•14 views

CVE-2025-6137

A vulnerability classified as critical has been found in TOTOLINK T10 4.1.8cu.5207. Affected is the function setWiFiScheduleCfg of the file /cgi-bin/cstecgi.cgi of the component HTTP POST Request Handler. The manipulation of the argument desc leads to buffer overflow. It is possible to launch the a...

9CVSS7.4AI score0.00162EPSS