Totolink A720r Firmware
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Totolink A720r Firmware.
By the Year
In 2026 there have been 0 vulnerabilities in Totolink A720r Firmware. Last year, in 2025 A720r Firmware had 4 security vulnerabilities published. Right now, A720r Firmware is on track to have less security vulnerabilities in 2026 than it did last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 0 | 0.00 |
| 2025 | 4 | 5.85 |
| 2024 | 1 | 8.10 |
| 2023 | 1 | 9.80 |
It may take a day or so for new A720r Firmware vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Totolink A720r Firmware Security Vulnerabilities
TOTOLINK A720R 4.1.5cu.374 Remote Info Disclosure via cstecgi.cgi
CVE-2025-4271
5.3 - Medium
- May 05, 2025
A vulnerability was found in TOTOLINK A720R 4.1.5cu.374. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument topicurl with the input showSyslog leads to information disclosure. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
Information Disclosure
TOTOLINK A720R 4.1.5cu.374 Config Handler CGI Info Disclosure via topicurl
CVE-2025-4270
7.5 - High
- May 05, 2025
A vulnerability was found in TOTOLINK A720R 4.1.5cu.374. It has been classified as problematic. Affected is an unknown function of the file /cgi-bin/cstecgi.cgi of the component Config Handler. The manipulation of the argument topicurl with the input getInitCfg/getSysStatusCfg leads to information disclosure. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
Information Disclosure
TOTOLINK A720R Log Handler Access Control Bypass v4.1.5cu.374
CVE-2025-4269
5.3 - Medium
- May 05, 2025
A vulnerability was found in TOTOLINK A720R 4.1.5cu.374 and classified as critical. This issue affects some unknown processing of the file /cgi-bin/cstecgi.cgi of the component Log Handler. The manipulation of the argument topicurl with the input clearDiagnosisLog/clearSyslog/clearTracerouteLog leads to improper access controls. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
Authorization
Totolink A720R 4.1.5cu.374 Auth Bypass via /cgi-bin/cstecgi.cgi RebootSystem
CVE-2025-4268
5.3 - Medium
- May 05, 2025
A vulnerability has been found in TOTOLINK A720R 4.1.5cu.374 and classified as critical. This vulnerability affects unknown code of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument topicurl with the input RebootSystem leads to missing authentication. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
Missing Authentication for Critical Function
OS Command Injection Remote via exportOvpn in TOTOLINK A720R 4.1.5
CVE-2024-8869
8.1 - High
- September 15, 2024
A vulnerability classified as critical has been found in TOTOLINK A720R 4.1.5. Affected is the function exportOvpn. The manipulation leads to os command injection. It is possible to launch the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The vendor was contacted early about this disclosure but did not respond in any way.
Shell injection
Totolink A720R v4.1.5cu.532_B20210610 Improper Access Control Vulnerability
CVE-2023-23064
9.8 - Critical
- February 17, 2023
TOTOLINK A720R V4.1.5cu.532_ B20210610 is vulnerable to Incorrect Access Control.
AuthZ
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Totolink A720r Firmware or by Totolink? Click the Watch button to subscribe.
