T6 Firmware Security Vulnerabilities and Issues — T6 Firmware CVE List

Lucene search

TotolinkT6 Firmware

13 matches found

CVE•added 2025/07/11 10:15 p.m.•13 views

CVE-2025-7460

A vulnerability has been found in TOTOLINK T6 4.1.5cu.748_B20211015 and classified as critical. Affected by this vulnerability is the function setWiFiAclRules of the file /cgi-bin/cstecgi.cgi of the component HTTP POST Request Handler. The manipulation of the argument mac leads to buffer overflow. ...

9CVSS8.9AI score0.00166EPSS

CVE•added 2025/07/20 3:15 a.m.•10 views

CVE-2025-7862

A vulnerability has been found in TOTOLINK T6 4.1.5cu.748_B20211015 and classified as critical. Affected by this vulnerability is the function setTelnetCfg of the file /cgi-bin/cstecgi.cgi of the component Telnet Service. The manipulation of the argument telnet_enabled with the input 1 leads to mis...

9.8CVSS7.2AI score0.00137EPSS

CVE•added 2025/07/13 9:15 a.m.•8 views

CVE-2025-7524

A vulnerability was found in TOTOLINK T6 4.1.5cu.748_B20211015. It has been classified as critical. This affects the function setDiagnosisCfg of the file /cgi-bin/cstecgi.cgi of the component HTTP POST Request Handler. The manipulation of the argument ip leads to command injection. It is possible t...

8.8CVSS6.9AI score0.02454EPSS

CVE•added 2025/07/13 10:15 a.m.•8 views

CVE-2025-7525

A vulnerability was found in TOTOLINK T6 4.1.5cu.748_B20211015. It has been declared as critical. This vulnerability affects the function setTracerouteCfg of the file /cgi-bin/cstecgi.cgi of the component HTTP POST Request Handler. The manipulation of the argument command leads to command injection...

8.8CVSS6.9AI score0.02454EPSS

CVE•added 2025/06/30 5:15 p.m.•7 views

CVE-2025-6916

A vulnerability, which was classified as critical, was found in TOTOLINK T6 4.1.5cu.748_B20211015. This affects the function Form_Login of the file /formLoginAuth.htm. The manipulation of the argument authCode/goURL leads to missing authentication. The attack needs to be initiated within the local ...

8.8CVSS8.6AI score0.00161EPSS

CVE•added 2025/07/14 4:15 p.m.•7 views

CVE-2025-7615

A vulnerability classified as critical was found in TOTOLINK T6 4.1.5cu.748. Affected by this vulnerability is the function clearPairCfg of the file /cgi-bin/cstecgi.cgi of the component HTTP POST Request Handler. The manipulation of the argument ip leads to command injection. The attack can be lau...

8.8CVSS7.1AI score0.02499EPSS

CVE•added 2025/07/14 3:15 p.m.•6 views

CVE-2025-7613

A vulnerability was found in TOTOLINK T6 4.1.5cu.748. It has been rated as critical. This issue affects the function CloudSrvVersionCheck of the file /cgi-bin/cstecgi.cgi of the component HTTP POST Request Handler. The manipulation of the argument ip leads to command injection. The attack may be in...

8.8CVSS7.8AI score0.02499EPSS

CVE•added 2025/07/14 3:15 p.m.•6 views

CVE-2025-7614

A vulnerability classified as critical has been found in TOTOLINK T6 4.1.5cu.748. Affected is the function delDevice of the file /cgi-bin/cstecgi.cgi of the component HTTP POST Request Handler. The manipulation of the argument ipAddr leads to command injection. It is possible to launch the attack r...

8.8CVSS7.9AI score0.02499EPSS

CVE•added 2025/07/17 10:15 p.m.•6 views

CVE-2025-7758

A vulnerability, which was classified as critical, has been found in TOTOLINK T6 up to 4.1.5cu.748_B20211015. Affected by this issue is the function setDiagnosisCfg of the file /cgi-bin/cstecgi.cgi of the component HTTP POST Request Handler. The manipulation of the argument ip leads to buffer overf...

9CVSS8.8AI score0.00166EPSS

CVE•added 2025/07/19 5:15 p.m.•6 views

CVE-2025-7837

A vulnerability was found in TOTOLINK T6 4.1.5cu.748_B20211015 and classified as critical. Affected by this issue is the function recvSlaveStaInfo of the component MQTT Service. The manipulation of the argument dest leads to buffer overflow. The attack may be launched remotely. The exploit has been...

9CVSS8.8AI score0.00166EPSS

CVE•added 2025/07/20 11:15 p.m.•5 views

CVE-2025-7912

A vulnerability, which was classified as critical, has been found in TOTOLINK T6 4.1.5cu.748_B20211015. This issue affects the function recvSlaveUpgstatus of the component MQTT Service. The manipulation of the argument s leads to buffer overflow. The attack may be initiated remotely. The exploit ha...

9CVSS8.9AI score0.00166EPSS

CVE•added 2025/07/21 12:15 a.m.•5 views

CVE-2025-7913

A vulnerability, which was classified as critical, was found in TOTOLINK T6 4.1.5cu.748_B20211015. Affected is the function updateWifiInfo of the component MQTT Service. The manipulation of the argument serverIp leads to buffer overflow. It is possible to launch the attack remotely. The exploit has...

9CVSS8.9AI score0.00166EPSS

CVE•added 6 days ago•5 views

CVE-2025-7952

A vulnerability classified as critical was found in TOTOLINK T6 4.1.5cu.748. This vulnerability affects the function ckeckKeepAlive of the file wireless.so of the component MQTT Packet Handler. The manipulation leads to command injection. The attack can be initiated remotely. The exploit has been d...

8.8CVSS6.9AI score0.02131EPSS