Totolink A3700r Firmware — known CVE vulnerabilities
Every CVE whose affected-product data names Totolink A3700r Firmware, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (43)
CVE-2024-37632 — CVSS 9.8 (critical): TOTOLINK A3700R V9.1.2u.6165_20211012 was discovered to contain a stack overflow via the password parameter in function loginAuth .
CVE-2023-52030 — CVSS 9.8 (critical): TOTOlink A3700R v9.1.2u.5822_B20200513 was discovered to contain a remote command execution (RCE) vulnerability via the setOpModeCfg…
CVE-2023-52031 — CVSS 9.8 (critical): TOTOlink A3700R v9.1.2u.5822_B20200513 was discovered to contain a remote command execution (RCE) vulnerability via the UploadFirmwareFile…
CVE-2024-37634 — CVSS 9.8 (critical): TOTOLINK A3700R V9.1.2u.6165_20211012 was discovered to contain a stack overflow via ssid in the function setWiFiEasyCfg.
CVE-2024-37635 — CVSS 9.8 (critical): TOTOLINK A3700R V9.1.2u.6165_20211012 was discovered to contain a stack overflow via ssid in the function setWiFiBasicCfg
CVE-2024-37637 — CVSS 9.8 (critical): TOTOLINK A3700R V9.1.2u.6165_20211012 was discovered to contain a stack overflow via ssid5g in the function setWizardCfg.
CVE-2024-42543 — CVSS 9.8 (critical): TOTOLINK A3700R v9.1.2u.5822_B20200513 has a buffer overflow vulnerability in the http_host parameter in the loginauth function.
CVE-2024-42545 — CVSS 9.8 (critical): TOTOLINK A3700R v9.1.2u.5822_B20200513 has a buffer overflow vulnerability in the ssid parameter in setWizardCfg function.
CVE-2023-46574 — CVSS 9.8 (critical): An issue in TOTOLINK A3700R v.9.1.2u.6165_20211012 allows a remote attacker to execute arbitrary code via the FileName parameter of the…
CVE-2023-50147 — CVSS 9.8 (critical): There is an arbitrary command execution vulnerability in the setDiagnosisCfg function of the cstecgi .cgi of the TOTOlink A3700R router…
CVE-2023-52027 — CVSS 9.8 (critical): TOTOlink A3700R v9.1.2u.5822_B20200513 was discovered to contain a remote command execution (RCE) vulnerability via the NTPSyncWithHost…
CVE-2023-52028 — CVSS 9.8 (critical): TOTOlink A3700R v9.1.2u.5822_B20200513 was discovered to contain a remote command execution (RCE) vulnerability via the setTracerouteCfg…
CVE-2023-52029 — CVSS 9.8 (critical): TOTOlink A3700R v9.1.2u.5822_B20200513 was discovered to contain a remote command execution (RCE) vulnerability via the setDiagnosisCfg…
CVE-2024-37633 — CVSS 8.8 (high): TOTOLINK A3700R V9.1.2u.6165_20211012 was discovered to contain a stack overflow via ssid in the function setWiFiGuestCfg
CVE-2024-37640 — CVSS 8.8 (high): TOTOLINK A3700R V9.1.2u.6165_20211012 was discovered to contain a stack overflow via ssid5g in the function setWiFiEasyGuestCfg.
CVE-2026-1143 — CVSS 8.8 (high): A weakness has been identified in TOTOLINK A3700R 9.1.2u.5822_B20200513. This affects the function setWiFiEasyGuestCfg of the file…
CVE-2024-37631 — CVSS 8.8 (high): TOTOLINK A3700R V9.1.2u.6165_20211012 was discovered to contain a stack overflow via the File parameter in function UploadCustomModule.
CVE-2024-37639 — CVSS 8.8 (high): TOTOLINK A3700R V9.1.2u.6165_20211012 was discovered to contain a stack overflow via eport in the function setIpPortFilterRules.
CVE-2022-36463 — CVSS 7.8 (high): TOTOLINK A3700R V9.1.2u.6134_B20201202 was discovered to contain a stack overflow via the command parameter in the function…
CVE-2022-36459 — CVSS 7.8 (high): TOTOLINK A3700R V9.1.2u.6134_B20201202 was discovered to contain a command injection vulnerability via the host_time parameter in the…
CVE-2022-36460 — CVSS 7.8 (high): TOTOLINK A3700R V9.1.2u.6134_B20201202 was discovered to contain a command injection vulnerability via the FileName parameter in the…
CVE-2022-36461 — CVSS 7.8 (high): TOTOLINK A3700R V9.1.2u.6134_B20201202 was discovered to contain a command injection vulnerability via the hostName parameter in the…
CVE-2022-36462 — CVSS 7.8 (high): TOTOLINK A3700R V9.1.2u.6134_B20201202 was discovered to contain a stack overflow via the lang parameter in the function setLanguageCfg.
CVE-2022-36458 — CVSS 7.8 (high): TOTOLINK A3700R V9.1.2u.6134_B20201202 was discovered to contain a command injection vulnerability via the command parameter in the…
CVE-2022-36464 — CVSS 7.8 (high): TOTOLINK A3700R V9.1.2u.6134_B20201202 was discovered to contain a stack overflow via the sPort parameter in the function…
CVE-2022-36465 — CVSS 7.8 (high): TOTOLINK A3700R V9.1.2u.6134_B20201202 was discovered to contain a stack overflow via the pppoeUser parameter.
CVE-2022-36466 — CVSS 7.8 (high): TOTOLINK A3700R V9.1.2u.6134_B20201202 was discovered to contain a stack overflow via the ip parameter in the function setDiagnosisCfg.
CVE-2023-48192 — CVSS 7.8 (high): An issue in TOTOlink A3700R v.9.1.2u.6134_B20201202 allows a local attacker to execute arbitrary code via the setTracerouteCfg function.
CVE-2024-7160 — CVSS 6.3 (medium): A vulnerability classified as critical has been found in TOTOLINK A3700R 9.1.2u.5822_B20200513. Affected is the function setWanCfg of the…
CVE-2025-3663 — CVSS 5.3 (medium): A vulnerability, which was classified as critical, has been found in TOTOLINK A3700R 9.1.2u.5822_B20200513. This issue affects the function…
CVE-2025-3664 — CVSS 5.3 (medium): A vulnerability, which was classified as critical, was found in TOTOLINK A3700R 9.1.2u.5822_B20200513. Affected is the function…
CVE-2025-3665 — CVSS 5.3 (medium): A vulnerability has been found in TOTOLINK A3700R 9.1.2u.5822_B20200513 and classified as critical. Affected by this vulnerability is the…
CVE-2025-3666 — CVSS 5.3 (medium): A vulnerability was found in TOTOLINK A3700R 9.1.2u.5822_B20200513 and classified as critical. Affected by this issue is the function…
CVE-2025-3667 — CVSS 5.3 (medium): A vulnerability was found in TOTOLINK A3700R 9.1.2u.5822_B20200513. It has been classified as critical. This affects the function…
CVE-2025-3668 — CVSS 5.3 (medium): A vulnerability was found in TOTOLINK A3700R 9.1.2u.5822_B20200513. It has been declared as critical. This vulnerability affects the…
CVE-2025-3674 — CVSS 5.3 (medium): A vulnerability was found in TOTOLINK A3700R 9.1.2u.5822_B20200513. It has been declared as critical. Affected by this vulnerability is the…
CVE-2025-3675 — CVSS 5.3 (medium): A vulnerability was found in TOTOLINK A3700R 9.1.2u.5822_B20200513. It has been rated as critical. Affected by this issue is the function…
CVE-2024-7156 — CVSS 5.3 (medium): A vulnerability was found in TOTOLINK A3700R 9.1.2u.5822_B20200513 and classified as problematic. Affected by this issue is some unknown…
CVE-2024-7154 — CVSS 4.3 (medium): A vulnerability, which was classified as problematic, was found in TOTOLINK A3700R 9.1.2u.5822_B20200513. Affected is an unknown function…