Totolink A720r Firmware — known CVE vulnerabilities
Every CVE whose affected-product data names Totolink A720r Firmware, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (28)
CVE-2021-44247 — CVSS 9.8 (critical): Totolink devices A3100R v4.1.2cu.5050_B20200504, A830R v5.9c.4729_B20191112, and A720R v4.1.5cu.470_B20200911 were discovered to contain…
CVE-2021-27710 — CVSS 9.8 (critical): Command Injection in TOTOLINK X5000R router with firmware v9.1.0u.6118_B20201102, and TOTOLINK A720R router with firmware…
CVE-2021-35324 — CVSS 9.8 (critical): A vulnerability in the Form_Login function of TOTOLINK A720R A720R_Firmware V4.1.5cu.470_B20200911 allows attackers to bypass…
CVE-2021-27708 — CVSS 9.8 (critical): Command Injection in TOTOLINK X5000R router with firmware v9.1.0u.6118_B20201102, and TOTOLINK A720R router with firmware…
CVE-2021-35327 — CVSS 9.8 (critical): A vulnerability in TOTOLINK A720R A720R_Firmware v4.1.5cu.470_B20200911 allows attackers to start the Telnet service, then login with the…
CVE-2021-45742 — CVSS 9.8 (critical): TOTOLINK A720R v4.1.5cu.470_B20200911 was discovered to contain a command injection vulnerability in the "Main" function. This…
CVE-2021-45740 — CVSS 9.8 (critical): TOTOLINK A720R v4.1.5cu.470_B20200911 was discovered to contain a stack overflow in the setWiFiWpsStart function. This vulnerability allows…
CVE-2025-9303 — CVSS 8.8 (high): A security flaw has been discovered in TOTOLINK A720R 4.1.5cu.630_B20250509. This issue affects the function setParentalRules of the file…
CVE-2022-36610 — CVSS 7.8 (high): TOTOLINK A720R V4.1.5cu.532_B20210610 was discovered to contain a hardcoded password for root at /etc/shadow.sample.
CVE-2022-36456 — CVSS 7.8 (high): TOTOLink A720R V4.1.5cu.532_B20210610 was discovered to contain a command injection vulnerability via the username parameter in…
CVE-2021-44246 — CVSS 7.5 (high): Totolink devices A3100R v4.1.2cu.5050_B20200504, A830R v5.9c.4729_B20191112, and A720R v4.1.5cu.470_B20200911 were discovered to contain a…
CVE-2021-45737 — CVSS 7.5 (high): TOTOLINK A720R v4.1.5cu.470_B20200911 was discovered to contain a stack overflow in the Form_Login function. This vulnerability allows…
CVE-2021-45739 — CVSS 7.5 (high): TOTOLINK A720R v4.1.5cu.470_B20200911 was discovered to contain a stack overflow in the Form_Login function. This vulnerability allows…
CVE-2021-35326 — CVSS 7.5 (high): A vulnerability in TOTOLINK A720R router with firmware v4.1.5cu.470_B20200911 allows attackers to download the configuration file via…
CVE-2021-35325 — CVSS 7.5 (high): A stack overflow in the checkLoginUser function of TOTOLINK A720R A720R_Firmware v4.1.5cu.470_B20200911 allows attackers to cause a denial…
CVE-2022-38535 — CVSS 7.2 (high): TOTOLINK-720R v4.1.5cu.374 was discovered to contain a remote code execution (RCE) vulnerability via the setTracerouteCfg function.
CVE-2022-38534 — CVSS 7.2 (high): TOTOLINK-720R v4.1.5cu.374 was discovered to contain a remote code execution (RCE) vulnerability via the setdiagnosicfg function.
CVE-2025-4269 — CVSS 6.5 (medium): A vulnerability was found in TOTOLINK A720R 4.1.5cu.374 and classified as critical. This issue affects some unknown processing of the file…
CVE-2025-60682 — CVSS 6.5 (medium): A command injection vulnerability exists in the ToToLink A720R Router firmware V4.1.5cu.614_B20230630 within the cloudupdate_check binary…
CVE-2025-60683 — CVSS 6.5 (medium): A command injection vulnerability exists in the ToToLink A720R Router firmware V4.1.5cu.614_B20230630 within the sysconf binary…
CVE-2021-43662 — CVSS 6.5 (medium): totolink EX300_v2, ver V4.0.3c.140_B20210429 and A720R ,ver V4.1.5cu.470_B20200911 have an issue which causes uncontrolled resource…
CVE-2025-4270 — CVSS 5.3 (medium): A vulnerability was found in TOTOLINK A720R 4.1.5cu.374. It has been classified as problematic. Affected is an unknown function of the file…
CVE-2025-4268 — CVSS 5.3 (medium): A vulnerability has been found in TOTOLINK A720R 4.1.5cu.374 and classified as critical. This vulnerability affects unknown code of the…
CVE-2025-4271 — CVSS 5.3 (medium): A vulnerability was found in TOTOLINK A720R 4.1.5cu.374. It has been declared as problematic. Affected by this vulnerability is an unknown…
CVE-2025-60686 — CVSS 5.1 (medium): A local stack-based buffer overflow vulnerability exists in the infostat.cgi and cstecgi.cgi binaries of ToToLink routers (A720R…
CVE-2025-60685 — CVSS 5.1 (medium): A stack buffer overflow exists in the ToToLink A720R Router firmware V4.1.5cu.614_B20230630 within the sysconf binary (sub_401EE0…
CVE-2024-8869 — CVSS 5.0 (medium): A vulnerability classified as critical has been found in TOTOLINK A720R 4.1.5. Affected is the function exportOvpn. The manipulation leads…