Totolink A3100r Firmware
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Totolink A3100r Firmware.
By the Year
In 2025 there have been 5 vulnerabilities in Totolink A3100r Firmware with an average score of 9.8 out of ten. Last year, in 2024 A3100r Firmware had 5 security vulnerabilities published. If vulnerabilities keep coming in at the current rate, it appears that number of security vulnerabilities in A3100r Firmware in 2025 could surpass last years number. However, the average CVE base score of the vulnerabilities in 2025 is greater by 0.50.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2025 | 5 | 9.80 |
| 2024 | 5 | 9.30 |
| 2023 | 0 | 0.00 |
| 2022 | 0 | 0.00 |
| 2021 | 0 | 0.00 |
| 2020 | 0 | 0.00 |
| 2019 | 0 | 0.00 |
| 2018 | 0 | 0.00 |
It may take a day or so for new A3100r Firmware vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Totolink A3100r Firmware Security Vulnerabilities
TOTOLINK A3100R V5.9c.1527 is vulnerable to Buffer Overflow
CVE-2025-45790
9.8 - Critical
- May 08, 2025
TOTOLINK A3100R V5.9c.1527 is vulnerable to Buffer Overflow via the priority parameter in the setMacQos interface of /lib/cste_modules/firewall.so.
Memory Corruption
TOTOLINK A3100R V5.9c.1527 is vulnerable to buffer overflow
CVE-2025-45789
9.8 - Critical
- May 08, 2025
TOTOLINK A3100R V5.9c.1527 is vulnerable to buffer overflow via the urlKeyword parameter in setParentalRules.
Memory Corruption
TOTOLINK A3100R V5.9c.1527 is vulnerable to Buffer Overflow
CVE-2025-45788
9.8 - Critical
- May 08, 2025
TOTOLINK A3100R V5.9c.1527 is vulnerable to Buffer Overflow via the comment parameter in setMacFilterRules.
Memory Corruption
TOTOLINK A3100R V5.9c.1527 is vulnerable to Buffer Overflow
CVE-2025-45787
9.8 - Critical
- May 08, 2025
TOTOLINK A3100R V5.9c.1527 is vulnerable to Buffer Overflow viathe comment parameter in setIpPortFilterRules.
Memory Corruption
An issue in TOTOLINK A3100R V4.1.2cu.5247_B20211129
CVE-2025-28256
- March 28, 2025
An issue in TOTOLINK A3100R V4.1.2cu.5247_B20211129 allows a remote attacker to execute arbitrary code via the setWebWlanIdx of the file /lib/cste_modules/wireless.so.
TOTOLINK A3100R V4.1.2cu.5050_B20200504 has a buffer overflow vulnerability in the http_host parameter in the loginauth function.
CVE-2024-42547
9.8 - Critical
- August 12, 2024
TOTOLINK A3100R V4.1.2cu.5050_B20200504 has a buffer overflow vulnerability in the http_host parameter in the loginauth function.
Classic Buffer Overflow
TOTOLINK A3100R V4.1.2cu.5050_B20200504 has a buffer overflow vulnerability in the password parameter in the loginauth function.
CVE-2024-42546
9.8 - Critical
- August 12, 2024
TOTOLINK A3100R V4.1.2cu.5050_B20200504 has a buffer overflow vulnerability in the password parameter in the loginauth function.
Classic Buffer Overflow
A vulnerability was found in TOTOLINK A3100R 4.1.2cu.5050_B20200504
CVE-2024-7158
8.8 - High
- July 28, 2024
A vulnerability was found in TOTOLINK A3100R 4.1.2cu.5050_B20200504. It has been declared as critical. This vulnerability affects the function setTelnetCfg of the file /cgi-bin/cstecgi.cgi of the component HTTP POST Request Handler. The manipulation of the argument telnet_enabled leads to command injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-272572. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
Command Injection
A vulnerability was found in TOTOLINK A3100R 4.1.2cu.5050_B20200504
CVE-2024-7157
8.8 - High
- July 28, 2024
A vulnerability was found in TOTOLINK A3100R 4.1.2cu.5050_B20200504. It has been classified as critical. This affects the function getSaveConfig of the file /cgi-bin/cstecgi.cgi?action=save&setting. The manipulation of the argument http_host leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-272571. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
Classic Buffer Overflow
TOTOLINK AC1200 Wireless Dual Band Gigabit Router firmware A3100R V4.1.2cu.5247_B20211129
CVE-2024-36650
- June 11, 2024
TOTOLINK AC1200 Wireless Dual Band Gigabit Router firmware A3100R V4.1.2cu.5247_B20211129, in the cgi function `setNoticeCfg` of the file `/lib/cste_modules/system.so`, the length of the user input string `NoticeUrl` is not checked. This can lead to a buffer overflow, allowing attackers to construct malicious HTTP or MQTT requests to cause a denial-of-service attack.
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Totolink A3100r Firmware or by Totolink? Click the Watch button to subscribe.
